aroma.seedcompany.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aroma.seedcompany.com/
Submission: On February 05 via manual (February 5th 2022, 9:24:19 am UTC) from DE — Scanned from DE

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 66 domains to perform 128 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is aroma.seedcompany.com.

This is the only time aroma.seedcompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	65.9.78.104 65.9.78.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	104.111.232.231 104.111.232.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:215... 2600:9000:2156:3a00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
7	143.204.214.7 143.204.214.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	52.21.234.110 52.21.234.110	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2a01:111:f100... 2a01:111:f100:2000::a83e:30c1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 3	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	185.167.164.51 185.167.164.51	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 17	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1 2	3.251.21.8 3.251.21.8	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.28.9.143 52.28.9.143	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.157.252.145 18.157.252.145	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.192.154.244 18.192.154.244	16509 (AMAZON-02) (AMAZON-02)
1	52.30.114.170 52.30.114.170	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
3 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.26.147 52.218.26.147	16509 (AMAZON-02) (AMAZON-02)
3 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	139.162.152.253 139.162.152.253	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.176 51.77.65.176	16276 (OVH) (OVH)
1 1	91.210.226.73 91.210.226.73	48314 (IP-PROJECTS) (IP-PROJECTS)
1	52.215.32.43 52.215.32.43	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.63.40 65.9.63.40	16509 (AMAZON-02) (AMAZON-02)
2 2	54.236.81.149 54.236.81.149	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.18.235.26 52.18.235.26	16509 (AMAZON-02) (AMAZON-02)
1 1	3.68.148.208 3.68.148.208	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	18.198.254.252 18.198.254.252	16509 (AMAZON-02) (AMAZON-02)
1	141.95.3.40 141.95.3.40	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:205... 2600:9000:2057:c000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
128	58

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

aroma.seedcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.78.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-104.ams1.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.232.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-231.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:3a00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.214.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-7.fra53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.234.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-234-110.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:111:f100:2000::a83e:30c1 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

epiphany.masterworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.102.137 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.51 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.21.8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.9.143 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-9-143.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.252.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.154.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-154-244.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.114.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-114-170.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-170-127.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.26.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Beauharnois, Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.152.253 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1419-253.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.176 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags12.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.73 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.32.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-32-43.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-40.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.81.149 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.235.26 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-235-26.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.148.208 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-148-208.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.254.252 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-254-252.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.213.228 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adform.net 4 redirects a2.adform.net — Cisco Umbrella Rank: 7530 s2.adform.net — Cisco Umbrella Rank: 5692 c1.adform.net — Cisco Umbrella Rank: 608 dmp.adform.net — Cisco Umbrella Rank: 2434 track.adform.net — Cisco Umbrella Rank: 3933	40 KB
19	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	1 MB
12	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 static.doubleclick.net — Cisco Umbrella Rank: 356 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	3 KB
9	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	2 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 6205 tags.adsafety.net — Cisco Umbrella Rank: 83568	10 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	777 B
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 1077 load77.exelator.com — Cisco Umbrella Rank: 3641 loada.exelator.com — Cisco Umbrella Rank: 23037	3 KB
4	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1250	3 KB
4	masterworks.com epiphany.masterworks.com — Cisco Umbrella Rank: 283587	101 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 404	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1510	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	201 KB
3	visualwebsiteoptimizer.com 1 redirects dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5205	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 13	27 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 16804	39 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	721 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	904 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	804 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	519 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 876	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3719	1 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1427 mwzeom.zeotap.com — Cisco Umbrella Rank: 1680	894 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 466	891 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 719	1016 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 916	688 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1240	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	604 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	677 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3772	691 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 675	827 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	36 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 206	6 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 78	43 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	26 KB
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 22080	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 707	238 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 868	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 596	1009 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 442	340 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 17324	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	542 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 408	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 38133	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 22188	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2015	274 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1288	209 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 677	712 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 689	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3238	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 17830	343 B
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 10735	6 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 22904	343 B
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 5992	277 B
1	seedcompany.com aroma.seedcompany.com	10 KB
0	mookie1.com Failed ib.mookie1.com Failed
128	66

	Domain	Requested by
19	www.youtube.com	aroma.seedcompany.com www.youtube.com www.googletagmanager.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
7	d9hhrg4mnvzow.cloudfront.net	aroma.seedcompany.com
6	cm.g.doubleclick.net	5 redirects c1.adform.net
6	www.facebook.com	aroma.seedcompany.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	match.adsrvr.org	5 redirects
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	dmp.adform.net	c1.adform.net
4	uipglob.semasio.net	4 redirects
4	epiphany.masterworks.com	aroma.seedcompany.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	a2.adform.net	2 redirects aroma.seedcompany.com
3	connect.facebook.net	aroma.seedcompany.com connect.facebook.net
3	dev.visualwebsiteoptimizer.com	1 redirects aroma.seedcompany.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com
3	www.google.com	aroma.seedcompany.com www.youtube.com
3	www.google-analytics.com	aroma.seedcompany.com www.google-analytics.com
3	builder-assets.unbounce.com	aroma.seedcompany.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.gstatic.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.googletagmanager.com	1 redirects aroma.seedcompany.com
2	d34qb8suadcc4g.cloudfront.net	aroma.seedcompany.com d34qb8suadcc4g.cloudfront.net
1	track.adform.net	aroma.seedcompany.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	rtb.gumgum.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	aroma.seedcompany.com
1	s2.adform.net	aroma.seedcompany.com
1	www.google.de	aroma.seedcompany.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	events.ub-analytics.com	aroma.seedcompany.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	cloud.typography.com	aroma.seedcompany.com
1	ajax.googleapis.com	aroma.seedcompany.com
1	aroma.seedcompany.com
0	ib.mookie1.com Failed	c1.adform.net
128	80

This site contains no links.

Subject Issuer	Validity	Valid
*.typography.com DigiCert SHA2 Secure Server CA	`2021-05-27` - `2022-06-01`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.masterworks.com Go Daddy Secure Certificate Authority - G2	`2021-11-03` - `2022-10-30`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://aroma.seedcompany.com/
Frame ID: 00341A0746B0DD138F8452BB65FC1C8C
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
Frame ID: D68D18A236115F57324F63689FE5DF3F
Requests: 34 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Frame ID: 3AD84CC0806FFB248BD113358D353189
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aroma Prayer

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

128
Requests

60 %
HTTPS

28 %
IPv6

66
Domains

80
Subdomains

58
IPs

10
Countries

4552 kB
Transfer

9770 kB
Size

102
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 7

http://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 45

http://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502 HTTP 301
https://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502

Request Chain 47

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 58

https://a2.adform.net/Serving/TrackPoint/?pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F

Request Chain 64

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654

Request Chain 67

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1722494121027241842&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1722494121027241842&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3b63a80a098f48e1914afa66ae945d5d HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=642d6c10f750102350a8109fac6d38663a6b1150da875b5fad05598e49425174

Request Chain 69

https://pixel.advertising.com/ups/55944/sync?uid=1722494121027241842&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=1722494121027241842&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e&verify=true

Request Chain 71

https://x.bidswitch.net/sync?dsp_id=70&user_id=1722494121027241842 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1722494121027241842 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=4211ffd3-4f0a-400e-94ab-78efabe97dad

Request Chain 72

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654&C=1

Request Chain 73

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1722494121027241842&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1722494121027241842&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=294961fe-423d-4e00-be75-480e1796e9c6&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=dbc2e2f6-5512-4de8-9696-44153ec92b1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTI3MTMzQzk0NDc5MEI5NQ&gdpr=1&gdpr_consent=

Request Chain 75

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1722494121027241842 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1722494121027241842&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 77

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1722494121027241842 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1722494121027241842

Request Chain 80

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 81

https://pixel.onaudience.com/?mapped=1722494121027241842&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5da5b301802e8c2cf95b608e602b50a3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=e1953fd5-2396-46da-93aa-c81682086a92&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=44fecaf97292a5be HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275e1bba16d7&zcluid=44fecaf97292a5be&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEB-RB__aNz90sJzdFStu4wM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275e1bba16d7&zcluid=44fecaf97292a5be&zdid=1332

Request Chain 82

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1722494121027241842 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12022020509ca82df685093a29d2e9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=84250a7150f8fe3553115cef882f52b3 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022020509ca82df685093a29d2e9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=84250a7150f8fe3553115cef882f52b3&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAyMDUwOWNhODJkZjY4NTA5M2EyOWQyZTk HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELzS3sAux0uyQpc2bGnqSsQ&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022020509ca82df685093a29d2e9 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1722494121027241842

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTcyMjQ5NDEyMTAyNzI0MTg0Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MTcyMjQ5NDEyMTAyNzI0MTg0Mg&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMwd6BEWFb9eeh07LBEYg&google_cver=1&google_ula=1641347,0

Request Chain 86

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=795153433433940836&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=1722494121027241842

Request Chain 89

https://a.audrte.com/a?adform_uid=1722494121027241842 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFHLb4LTD2EguWm_zLCxgmQ&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=7e4yyKf3L6pRdi7iaQAbENUQw&gdpr=0&gdpr_consent=

Request Chain 90

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1722494121027241842&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1722494121027241842&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=53760394428642278480499748216319494882&noredirect=1

Request Chain 91

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1722494121027241842 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960904053000121484

Request Chain 92

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7061154099826456724

Request Chain 94

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=294961fe-423d-4e00-be75-480e1796e9c6

Request Chain 95

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=TrcQPhZF1NghiK5

Request Chain 96

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e1953fd5-2396-46da-93aa-c81682086a92

Request Chain 97

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842

Request Chain 99

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=794123162 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oRuppqj7NlkY472G7.VBle

Request Chain 101

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842&cs=1

Request Chain 103

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1722494121027241842&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1722494121027241842&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=67152122-c5cf-414e-83de-d79ca98a2332

Request Chain 105

https://eb2.3lift.com/xuid?mid=7354&xuid=1722494121027241842&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1722494121027241842&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

Request Chain 109

http://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4929&pdt=1&dns=1&rrt=0&srt=15&tcp=7&dit=627&clt=627&_gst=577&_gbt=664&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1920564580.1644053052&tid=UA-108415468-6&_gid=1713622629.1644053052&z=516990816 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4929&pdt=1&dns=1&rrt=0&srt=15&tcp=7&dit=627&clt=627&_gst=577&_gbt=664&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1920564580.1644053052&tid=UA-108415468-6&_gid=1713622629.1644053052&z=516990816

128 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
aroma.seedcompany.com/ 61 KB
10 KB 23ms
15ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0b09e7aaf835703eb00940131725f7b267d4649ac93de08468faf25edddc8558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 05 Feb 2022 09:24:11 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: d3365b05-921a-4d8f-9db6-2c60fb640f66
etag: "b:e5c5dcb20bc4205469c53ae3a408dc35"
last-modified: Fri, 05 Feb 2021 17:12:39 GMT
x-unbounce-visitorid: 8322f21b-9412-4648-be16-2c780997fe50
x-unbounce-variant: b
content-location: http://aroma.seedcompany.com/
link: <http://aroma.seedcompany.com/>; rel="canonical"
content-encoding: gzip
x-proxy-backend: page-server
connection: close

GET
H/1.1 200
OK main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 46ms
14ms Stylesheet
text/css 65.9.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 65.9.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-104.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 01:12:18 GMT
Content-Encoding: gzip
Age: 29514
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2902
Last-Modified: Tue, 18 Jan 2022 22:28:54 GMT
Server: AmazonS3
ETag: "43729a62fb549c1f6784cd5cc32082e0"
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
Via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: sRSBmnniTQLitooNuI15-qtgnVPeiZ01TemDQWbE3rUk6EunRbPDVw==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 14:59:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 66305
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 24715
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 04 Feb 2023 14:59:06 GMT

GET
H/1.1 200
OK jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
3 KB 46ms
15ms Script
application/javascript 65.9.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 65.9.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-104.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 May 2021 21:32:49 GMT
Content-Encoding: gzip
Age: 22333883
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1993
Last-Modified: Tue, 04 May 2021 23:39:58 GMT
Server: AmazonS3
ETag: "a05a2b23a4c2ca8d49a4ee58eb8d54ea"
x-amz-version-id: 0jdE1z4pVysKHfF.y2wdQ_g12dgNpnLG
Via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: MyDQBH6D70KRIz_WiQBS_tAw6-oB8LzwvEZLvdzB4HgL_yaUUzC7IQ==

GET
H/1.1 200
OK fonts.css
cloud.typography.com/6149712/758524/css/ 17 B
277 B 533ms
326ms Stylesheet
text/css 104.111.232.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6149712/758524/css/fonts.css
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-231.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:12 GMT
Server: AkamaiNetStorage
ETag: "f130fd70bd4cfa88cacd6d9b4c8c0f19:1628389682.03244"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 17

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 48ms
7ms Script
application/javascript 2600:9000:2156:3a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 May 2021 00:38:38 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 24050734
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: 6Mc4antZc6KMfT7y4MLniSjHR7eZfQPRs6qUIhyvHJw4iqEDlKX85Q==

GET
H/1.1 200
OK main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 14ms
13ms Script
application/javascript 65.9.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 65.9.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-104.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 18:29:16 GMT
Content-Encoding: gzip
Age: 15000896
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 33645
Last-Modified: Thu, 14 Jan 2021 00:04:10 GMT
Server: AmazonS3
ETag: "bb50eefe0cf9244bc17fe34bb55821bb"
x-amz-version-id: ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
Via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: dJgXK51g4kRfxckLDzrWU2Ga4TGozne4vzdP5tmQB9pprVnn3tqXJg==

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

31ms
8ms

Script
text/javascript

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6558
date: Sat, 05 Feb 2022 07:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 05 Feb 2022 09:34:54 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN
https://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN

112 KB
43 KB

54ms
31ms

Script
application/javascript

2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d03851676326a27b4fafb7d6cfd8618f866c4c9def11d9a48e7c2cc4b5a438bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43370
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Feb 2022 09:24:12 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN
Date: Sat, 05 Feb 2022 09:24:12 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 RDq88JEbv6U Show response
www.youtube.com/embed/ Frame D68D 60 KB
26 KB 87ms
66ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RDq88JEbv6U

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

086f48f8140b744d88a9fc6145da50432b2b901175649e3ddff1b170bf23e039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 05 Feb 2022 09:24:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 33f024df-180818-tscokenya-estherhavens-2094_11hc0zk1hc0rx00003t000.jpg
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 2 MB
2 MB 520ms
491ms Image
image/jpeg 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/33f024df-180818-tscokenya-estherhavens-2094_11hc0zk1hc0rx00003t000.jpg
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cad7eef2e51ce16470118802b861ce11c0ebd67e71154ec28d8db8cb7af0a88c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "521f644e29718648ae9f39ed1a305d21"
X-Cache: Miss from cloudfront
x-amz-version-id: iQzitfI40A0PdYleqNHZPDkr43XIfPpU
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1648239
X-Amz-Cf-Id: 9JSi6ZNX0LDCra4GW5SFj3xLk7pgKjqpzxjfZLIimnc_Ovf4j0zhfQ==

GET
H/1.1 200
OK 31de6abb-tscomexico-caritina-2-1-copy_100000013x0b600001r000.jpg
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 672 KB
673 KB 521ms
493ms Image
image/jpeg 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/31de6abb-tscomexico-caritina-2-1-copy_100000013x0b600001r000.jpg
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e67cbd28783acb58429b333b5f67c49fd4497b02e9e86d0f705ce8ebd07784de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "04e11f3729d1e8bd5d708fa98a2f3560"
X-Cache: Miss from cloudfront
x-amz-version-id: IP5l.zUfbEF.NgGj2zw7H0Nxf..JW9GO
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 688199
X-Amz-Cf-Id: cyO8YLu5KZpx5C_i10-0Hz8Wy-irsUxe2Ij682B5aVmN9BLwvtNh2A==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 8ms
8ms Script
application/javascript 2600:9000:2156:3a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:20:35 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 29153018
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: zrciGE9YgvvBadEZL-B7lHY-L1R1ZMeTMcS_dCX-vHcfhHMA7vpOcA==

GET
BLOB 200
OK f7794bb3-0b05-4792-ae4a-d92e92908ed6
http://aroma.seedcompany.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://aroma.seedcompany.com/f7794bb3-0b05-4792-ae4a-d92e92908ed6
Requested by: Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular%7CMontserrat:regular,100,100italic,700

Requested by

Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88b404517e2a4842e01f814886fc886e4b2a2b17faea56ec6dba01ab7a98689d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 09:24:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 09:24:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 09:24:12 GMT

GET
H/1.1 200
OK bbebbf30-prayforzeroguide2020-cover_108i0au08f0au001000028.png
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 51 KB
52 KB 459ms
452ms Image
image/png 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/bbebbf30-prayforzeroguide2020-cover_108i0au08f0au001000028.png
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 764cf626d0cf127d45d28fdb7750cfb268f3a248b04eba79d586e76ee904b446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "f18ac835f66a458323bc0d93ab7f6796"
X-Cache: Miss from cloudfront
x-amz-version-id: cRyP0LGfvsmGrSVnqQKyWWNZvrwtAL9N
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 52370
X-Amz-Cf-Id: PCulw-uLOjYtGvqFENUNQKHAqUl8f-nfuBb7-Y0Dy5fpW_F1YQ39wg==

GET
H/1.1 200
OK 8040bfa2-noun-brain-401581_105l05k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 2 KB
3 KB 461ms
454ms Image
image/png 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/8040bfa2-noun-brain-401581_105l05k000000000000028.png
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03276f2f9c8e93b7e1a450189f123b6f873692974eea8eb4cdf8b02d58771607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "65c9d37eca740d1efe6961c9ea50e390"
X-Cache: Miss from cloudfront
x-amz-version-id: DLYSFxVNCHiCLtDoywIozrx5AC_WbQag
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2137
X-Amz-Cf-Id: zWoBYh7mzn4jkBJYDVZ2ANTEgdeqMIG7_KLKx8Ybk43EE3q_asKhZg==

GET
H/1.1 200
OK f344566f-noun-connect-2766337_105k05k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 2 KB
3 KB 460ms
452ms Image
image/png 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/f344566f-noun-connect-2766337_105k05k000000000000028.png
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7d9d2c6e86e736858efb0a042841eda3dc410746dc83ea71bf26a3a8088aff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "c76e55d5657731f0c90d389f0b232220"
X-Cache: Miss from cloudfront
x-amz-version-id: fwjGcJvOqwu21hZsgl6Sg8PtgAH.TmvO
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2024
X-Amz-Cf-Id: pS78MUOtVITWj0T67HQLCeG115BLa9iIcfyCM3BHYr6iyH1i7m_s9A==

GET
H/1.1 200
OK 5ee2c7d5-noun-celebrate-938020_105k05j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 1 KB
2 KB 463ms
456ms Image
image/png 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/5ee2c7d5-noun-celebrate-938020_105k05j000000000000028.png
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b7aff6b77117ceaf1b3df0d1c2a0d34c277adda9da4c2a88ba5c8ffef1ce9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "f9ba86905d966be98f8a05f614856d5c"
X-Cache: Miss from cloudfront
x-amz-version-id: HOCO4c4Pvao3JHnan07GcMeqqF2ppFt2
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1532
X-Amz-Cf-Id: ti0nD4XzUcx8V-XPywthX-LsY8QbMP5MluMBBmoZkw0AGM3l-GDntw==

GET
H/1.1 200
OK 9490e5a8-seed-company-logo-white_1062015000000000000028.png
d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/ 2 KB
2 KB 460ms
460ms Image
image/png 143.204.214.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/aroma.seedcompany.com/9490e5a8-seed-company-logo-white_1062015000000000000028.png
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 143.204.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb9f1d6b550b5b2468a7a0671bd30e5f702496fb2c9278e869f36349bcfc3d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Fri, 05 Feb 2021 17:12:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "77e1e328ffe6c7d08d556a6d01fc5351"
X-Cache: Miss from cloudfront
x-amz-version-id: At0UoAps3YCWFPeVg5aJozSk11gQLoZN
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1802
X-Amz-Cf-Id: h3TLOY1_Yg3c40_2I6B8bGNZkwqk6o10T2bLnC3s3Pf3ZO3Czo-eig==

GET
H/1.1 200
OK i
events.ub-analytics.com/ 43 B
343 B 206ms
94ms Image
image/gif 52.21.234.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://events.ub-analytics.com/i?stm=1644053052211&e=pv&url=http%3A%2F%2Faroma.seedcompany.com%2F&page=Aroma%20Prayer&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=d102c1dd-763f-4e69-99df-c55b4fa7b115&dtm=1644053052210&vp=1600x1200&ds=1600x2943&vid=1&sid=e2746e29-94a0-484b-bdb1-5ba8c6d6ce01&duid=364c5120-0ffd-4a9b-b779-9492157a478a&uid=8322f21b-9412-4648-be16-2c780997fe50&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDMzNjViMDUtOTIxYS00ZDhmLTlkYjYtMmM2MGZiNjQwZjY2IiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 52.21.234.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-234-110.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:12 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1018947153&t=pageview&_s=1&dl=http%3A%2F%2Faroma.seedcompany.com%2F&dp=%2Fb&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=293687712&gjid=1539359213&cid=1920564580.1644053052&tid=UA-108415468-6&_gid=1713622629.1644053052&_r=1&_slc=1&z=1032959599

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aroma.seedcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aroma.seedcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 99ms
36ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108415468-6&cid=1920564580.1644053052&jid=293687712&gjid=1539359213&_gid=1713622629.1644053052&_u=IEBAAEAAAAAAAC~&z=928709882

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://aroma.seedcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 05 Feb 2022 09:24:12 GMT
content-type: text/plain
access-control-allow-origin: http://aroma.seedcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/0cd11746/ Frame D68D 341 KB
47 KB 25ms
10ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c13dadae2e9def300c7bdddb2aad15c4dc23128558e90334ddefa00fc181f47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 07:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47735
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Feb 2023 07:33:49 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0cd11746/www-embed-player.vflset/ Frame D68D 273 KB
84 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef265ba04cf38d04a6823bdd535b004b2495c8a5f761bdece6c8ee6d493759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85894
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 2 MB
535 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d9447c90e6c9c74c6d01fdec5d9d1f2890eae36e3fac469aa59ca2b5c790ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547581
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:17 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0cd11746/fetch-polyfill.vflset/ Frame D68D 8 KB
3 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D68D 15 KB
15 KB 52ms
24ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 317851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 17:06:41 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 42ms
15ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7CMontserrat:regular,100,100italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aroma.seedcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:52:04 GMT
x-content-type-options: nosniff
age: 84728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:52:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7CMontserrat:regular,100,100italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aroma.seedcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 02:06:50 GMT
x-content-type-options: nosniff
age: 199042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 02:06:50 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R8WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v23/ 12 KB
12 KB 50ms
24ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R8WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7CMontserrat:regular,100,100italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca7f08ac437136a4d8a9beab2bffa6ff7de4bfd94ad7a54a8b6eb90cbf4cd22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aroma.seedcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:42:55 GMT
x-content-type-options: nosniff
age: 193277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11920
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:12:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 03:42:55 GMT

GET
H/1.1 200
OK 18b85536-6018-404d-970f-3aedacc045a1.js Show response
epiphany.masterworks.com/containers/ 247 KB
66 KB 572ms
103ms Script
application/javascript 2a01:111:f100:2000::a83e:30c1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://epiphany.masterworks.com/containers/18b85536-6018-404d-970f-3aedacc045a1.js
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 2a01:111:f100:2000::a83e:30c1 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6ea4aa830801ed397769e676a1284ed1d5109dcd6c5d9f3979975559f1db4f1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Cookie
cache-control: public, must-revalidate, max-age=360
x-robots-tag: none
transfer-encoding: chunked
content-type: application/javascript; charset=utf-8

GET
H2 200 56675688.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 49ms
6ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/56675688.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
content-encoding: gzip
age: 50399295
x-cache: HIT
x-cache-hits: 323117
content-length: 5672
x-served-by: cache-fra19154-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1644053052.316658,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 56ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108415468-6&cid=1920564580.1644053052&jid=293687712&_u=IEBAAEAAAAAAAC~&z=1760438280

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
30ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108415468-6&cid=1920564580.1644053052&jid=293687712&_u=IEBAAEAAAAAAAC~&z=1760438280

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D68D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
15ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b481d037674c025976cb1072bcc8eb0eb84d0d56fc6cf4975a7caee62566ff9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D68D 29 B
587 B 43ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:18:50 GMT
x-content-type-options: nosniff
age: 322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 09:33:50 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 97 KB
30 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab87e52955287d3ffa1abca259d9303ef67af9129aec71659447e64f9abf2c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30787
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:17 GMT

GET
H3 200 cO59X2DxNYL4vvKEGehIiQOU9ahpG5-d3QbKaZOglVQ.js Show response
www.google.com/js/th/ Frame D68D 35 KB
13 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/cO59X2DxNYL4vvKEGehIiQOU9ahpG5-d3QbKaZOglVQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ee7d5f60f13582f8bef28419e848890394f5a8691b9f9ddd06ca6993a09554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 12:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 12:45:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 26 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c8e978634f01b644c437241c8c89c5cb9b21d70675694da3c4abde318c35aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:33 GMT

GET
DATA 200
OK truncated
/ Frame D68D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTQnpvuCMgC1E7BnctWlza8C9FBQ8PV0sRSqtYRMQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D68D 3 KB
3 KB 44ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTQnpvuCMgC1E7BnctWlza8C9FBQ8PV0sRSqtYRMQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

546df519650ccd1c9afda3d5e218295ff5d32516714d7b9bd7977ea4b1fc6238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3065
x-xss-protection: 0
server: fife
etag: "v615"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Feb 2022 18:21:02 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/RDq88JEbv6U/ Frame D68D 18 KB
18 KB 117ms
87ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/RDq88JEbv6U/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9c424bf162a6f138653e75580c05817dcd922e263d295530294d14243f053f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
server: sffe
etag: "1612539839"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17954
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Feb 2022 11:24:12 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D68D 4 KB
3 KB 74ms
52ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 09:24:12 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D68D 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?uQgzew
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

j.php Show response
dev.visualwebsiteoptimizer.com/
Redirect Chain

http://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502
https://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502

3 KB
1 KB

26ms
9ms

Script
application/javascript

34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: H2
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 39c9ed972792fe55ce5f8f5e08777432e9661c50aa3b48cb3105a1d6ba152bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 09:24:12 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

Redirect headers

Location: https://dev.visualwebsiteoptimizer.com/j.php?a=385707&u=http%3A%2F%2Faroma.seedcompany.com%2F&r=0.10792816906320502
Date: Sat, 05 Feb 2022 09:24:13 GMT
Via: 1.1 google
server: gfra1
Timing-Allow-Origin: *
Content-Length: 166
Content-Type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: +XJ5x8HYB+0nlgb0VhwYYo07X0otJoajRikZPxn8PKZ4rkO6dxrd2uWy+SrCeBRwFO4GppKyO00eWxlqEeHq4g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 05 Feb 2022 09:24:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

88ms
19ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sat, 05 Feb 2022 09:24:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK ppms.js Show response
epiphany.masterworks.com/ 72 KB
24 KB 95ms
95ms Script
application/javascript 2a01:111:f100:2000::a83e:30c1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://epiphany.masterworks.com/ppms.js

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

HTTP/1.1

Server

2a01:111:f100:2000::a83e:30c1 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c3a87f9593e6086a09449e1893bf11d0f02c5aa5115513799b7d58522289c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 20:16:05 GMT
etag: W/"61e87185-11ece"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
transfer-encoding: chunked
expires: Sat, 05 Feb 2022 15:24:13 GMT

GET
H2 200 audience-manager.api.min.js Show response
epiphany.masterworks.com/audiences/static/widget/ 26 KB
11 KB 293ms
97ms Script
application/javascript 2a01:111:f100:2000::a83e:30c1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://epiphany.masterworks.com/audiences/static/widget/audience-manager.api.min.js
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:111:f100:2000::a83e:30c1 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 743d35adf85f34d2841882d200572d89fb8ad5cb211efd6467bbfae1a1702b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 08:52:46 GMT
etag: W/"60e2c85e-690a"
content-type: application/javascript

GET
H3 200 1968214746757738 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 130ms
120ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1968214746757738?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bfa8c0136ddef0908c2d8b7cf9ab7c6874d8f8797431e03b56beaf0db470c79b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: rIlCj/GhRkL63Ihx7mEN37Nuhk15bKoFvqeKX1AjNYUfoSDoJ/DmHOZnyeQef36Jg5Qe+SBTFUDC5/t0h9ECuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 05 Feb 2022 09:24:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 106ms
97ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=385707&d=aroma.seedcompany.com&u=D040DC122357332E9B792CDAFE6761967&h=33a0c271526bb956ae27db389269a6ac&t=false&r=0.14239719811315843

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:12 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK ppms.php
epiphany.masterworks.com/ 43 B
163 B 226ms
226ms Image
image/gif 2a01:111:f100:2000::a83e:30c1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://epiphany.masterworks.com/ppms.php?action_name=Aroma%20Prayer&idsite=18b85536-6018-404d-970f-3aedacc045a1&rec=1&r=784158&h=9&m=24&s=13&url=http%3A%2F%2Faroma.seedcompany.com%2F&_id=5b7cf9f93fc872fd&_idts=1644053053&_idvc=1&_idn=0&_viewts=1644053053&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=&dimension2=&dimension5=&gt_ms=16&pv_id=ydk46I
Requested by: Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/
Protocol: HTTP/1.1
Server: 2a01:111:f100:2000::a83e:30c1 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3 200 734814240055581 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/734814240055581?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfe9b2f2c929f5f9bd001231d5d48876c010638ab5b5059057ea5fb6a3639f66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1WQbyWRhd6T5KHqa+OGZcmUzxkRK3hh6MBl5W8NsQmRqsEvqeWCV6/Yu6EizVYH9Ktry4WH6Yf0CFpzltTTypg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 05 Feb 2022 09:24:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 26ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1968214746757738&ev=PageView&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053365&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222359868184282499%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222472626922803097%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=734814240055581&ev=PageView&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053366&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1968214746757738&ev=ViewContent&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053367&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 27ms
10ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=734814240055581&ev=ViewContent&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053368&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F

843 B
1 KB

275ms
274ms

Script
text/javascript

185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6eb241301c7b39a1b09cacb76003349cc4a07bb8564b6ce1f341ca901beec04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 682
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:13 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1968214746757738&ev=Microdata&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053868&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Aroma%20Prayer%22%2C%22meta%3Akeywords%22%3A%22Seed%20Company%2C%20Pray%20for%20Zero%22%2C%22meta%3Adescription%22%3A%22Monthly%20webcasts%20to%20fuel%20your%20prayers%20for%20the%20Bibleless.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Aroma%20Prayer%20Webcast%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.seedcompany.com%2Faroma%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgallery.mailchimp.com%2F9747aaed806a398f98dee7604%2Fimages%2Fd4a330ac-a11f-427d-95f5-c44020e1bc9e.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%222500%22%2C%22og%3Aimage%3Aheight%22%3A%221667%22%2C%22og%3Adescription%22%3A%22Monthly%20webcasts%20to%20Fuel%20Your%20Prayers%20for%20the%20Bibleless!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=734814240055581&ev=Microdata&dl=http%3A%2F%2Faroma.seedcompany.com%2F&rl=&if=false&ts=1644053053869&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Aroma%20Prayer%22%2C%22meta%3Akeywords%22%3A%22Seed%20Company%2C%20Pray%20for%20Zero%22%2C%22meta%3Adescription%22%3A%22Monthly%20webcasts%20to%20fuel%20your%20prayers%20for%20the%20Bibleless.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Aroma%20Prayer%20Webcast%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.seedcompany.com%2Faroma%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgallery.mailchimp.com%2F9747aaed806a398f98dee7604%2Fimages%2Fd4a330ac-a11f-427d-95f5-c44020e1bc9e.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%222500%22%2C%22og%3Aimage%3Aheight%22%3A%221667%22%2C%22og%3Adescription%22%3A%22Monthly%20webcasts%20to%20Fuel%20Your%20Prayers%20for%20the%20Bibleless!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1644053053364.186805187&it=1644053053123&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 3AD8 5 KB
2 KB 70ms
21ms Document
text/html 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1149425&ADFdivider=%7C&ord=311680429992&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=http%3A%2F%2Faroma.seedcompany.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cdd6a002145857bdd1a96bfcb7de008932a9a2ad1b99c0e12b820400bbcc35d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/

Response headers

server: nginx
date: Sat, 05 Feb 2022 09:24:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
343 B 97ms
19ms Image
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=1722494121027241842&stamp=Sk0fzUwYFPMDvP-67D9Y4w2

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3AD8 0
261 B 20ms
19ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3AD8
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654

43 B
423 B

32ms
31ms

Image
image/gif

3.251.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 3.251.21.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Feb 2022 09:24:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1722494121027241842&Expiration=1645262654
date: Sat, 05 Feb 2022 09:24:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 3AD8 0
522 B 40ms
15ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=1722494121027241842

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 04 Feb 2022 09:24:14 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3AD8 0
214 B 50ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3AD8
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1722494121027241842&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1722494121027241842&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3b63a80a098f48e19...
https://c1.adform.net/serving/cookie/match?party=9&uid=642d6c10f750102350a8109fac6d38663a6b1150da875b5fad05598e49425174

35 B
467 B

21ms
21ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=642d6c10f750102350a8109fac6d38663a6b1150da875b5fad05598e49425174

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=642d6c10f750102350a8109fac6d38663a6b1150da875b5fad05598e49425174
date: Sat, 05 Feb 2022 09:24:14 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3AD8 43 B
163 B 64ms
16ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1722494121027241842&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 3AD8
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=1722494121027241842&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=1722494121027241842&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e&verify=true

0
122 B

12ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=1722494121027241842&_origin=1&apid=UP626556a5-8665-11ec-9efb-02f57c87c92e&verify=true
date: Sat, 05 Feb 2022 09:24:14 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 3AD8 43 B
712 B 85ms
17ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1644053054119077-370
Expires: Sat, 05 Feb 2022 09:24:14 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3AD8
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=1722494121027241842
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1722494121027241842
https://rtb.gumgum.com/usersync?b=bsw&i=4211ffd3-4f0a-400e-94ab-78efabe97dad

35 B
209 B

103ms
33ms

Image
image/gif

52.30.114.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=4211ffd3-4f0a-400e-94ab-78efabe97dad
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: //rtb.gumgum.com/usersync?b=bsw&i=4211ffd3-4f0a-400e-94ab-78efabe97dad
Date: Sat, 05 Feb 2022 09:24:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3AD8
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654&C=1

43 B
1006 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 09:24:14 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1722494121027241842&expiration=1645262654&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Sat, 05 Feb 2022 09:24:14 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AD8
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1722494121027241842&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1722494121027241842&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=294961fe-423d-4e00-be75-480e1796e9c6&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=dbc2e2f6-5512-4de8-9696-44153ec92b1c
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTI3MTMzQzk0NDc5MEI5NQ&gdpr=1&gdpr_consent=

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTI3MTMzQzk0NDc5MEI5NQ&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:10 GMT
frontend-id: 14
location: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTI3MTMzQzk0NDc5MEI5NQ&gdpr=1&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 3AD8 0
344 B 39ms
7ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1722494121027241842&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 3AD8
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1722494121027241842
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1722494121027241842&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
334 B

48ms
6ms

Image
image/gif

2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1rzV48rL/ZgQFAA==
x-accel-expires: @1644761048
date: Sat, 05 Feb 2022 09:24:14 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6pQEGZq6aY4=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 328806
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 3AD8 0
0 43ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

tpid=1722494121027241842
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 3AD8
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1722494121027241842
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1722494121027241842

49 B
737 B

40ms
40ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.223
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1722494121027241842
cache-control: no-cache
x-server: 10.45.3.210
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 3AD8 62 B
304 B 192ms
155ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 3AD8 43 B
274 B 39ms
18ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 3AD8
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

141ms
41ms

Image
image/gif

52.218.26.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Server: 52.218.26.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:15 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 8SKQ0CVMCREAQ51W
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: zOkOHgLvQy9ls9l5LWONRm4LkkjPlpHY22vrSd/jIUkvMlAtwgGjzbY3hRcW0GRg6FWCNHjIEQg=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3AD8
Redirect Chain

https://pixel.onaudience.com/?mapped=1722494121027241842&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5da5b301802e8c2cf95b608e602b50a3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=e1953fd5-2396-46da-93aa-c81682086a92&icm
https://spl.zeotap.com/?zdid=1332&zcluid=44fecaf97292a5be
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275e1bba16d7&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEB-RB__aNz90sJzdFStu4wM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275...

95 B
164 B

38ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEB-RB__aNz90sJzdFStu4wM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275e1bba16d7&zcluid=44fecaf97292a5be&zdid=1332
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 6d8b15a97ddf916a-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEB-RB__aNz90sJzdFStu4wM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=252083f9-987b-4cbe-7e5b-faae5acf2418&reqId=96859981-f063-462b-69a1-275e1bba16d7&zcluid=44fecaf97292a5be&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 3AD8
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1722494121027241842
https://tags.adsafety.net/v1/cm?cm_uid=CM12022020509ca82df685093a29d2e9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=84250a7150f8fe3553115cef882f52b3
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022020509ca82df685093a29d2e9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=84250a7150f8fe3553115cef882f52b3&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAyMDUwOWNhODJkZjY4NTA5M2EyOWQyZTk
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELzS3sAux0uyQpc2bGnqSsQ&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022020509ca82df685093a29d2e9
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1722494121027241842

43 B
2 KB

14ms
14ms

Image
image/gif

139.162.152.253
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Server: 139.162.152.253 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1419-253.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
Last-Modified: Sat, 05 Feb 2022 09:24:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1722494121027241842
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3AD8 0
338 B 92ms
28ms Image
text/plain 52.215.32.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.32.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-32-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1644053054
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 3AD8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTcyMjQ5NDEyMTAyNzI0MTg0Mg
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MTcyMjQ5NDEyMTAyNzI0MTg0Mg&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMwd6BEWFb9eeh07LBEYg&google_cver=1&google_ula=1641347,0

35 B
467 B

20ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMwd6BEWFb9eeh07LBEYg&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMwd6BEWFb9eeh07LBEYg&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3AD8 0
261 B 25ms
22ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 3AD8
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=795153433433940836&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=1722494121027241842

43 B
995 B

18ms
17ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=1722494121027241842

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d283a39e-a99e-4da5-957b-862e4ecb3c5b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=1722494121027241842
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3AD8 42 B
542 B 62ms
12ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:427
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 3AD8 43 B
444 B 38ms
7ms Image
image/gif 65.9.63.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-40.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 09:33:43 GMT
Via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 85831
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 43
X-Amz-Cf-Id: iB5_69p_zcWnAJhlkny7_o9gmrJ-Epkes-EpZgoKNDBpZ-4bIJaJBw==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 3AD8
Redirect Chain

https://a.audrte.com/a?adform_uid=1722494121027241842
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFHLb4LTD2EguWm_zLCxgmQ&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=7e4yyKf3L6pRdi7iaQAbENUQw&gdpr=0&gdpr_consent=

0
344 B

8ms
7ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=7e4yyKf3L6pRdi7iaQAbENUQw&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=7e4yyKf3L6pRdi7iaQAbENUQw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3AD8
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1722494121027241842&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1722494121027241842&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=53760394428642278480499748216319494882&noredirect=1

35 B
467 B

20ms
20ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=53760394428642278480499748216319494882&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v027-02c14aa4a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UGO76h3OTg4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=53760394428642278480499748216319494882&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3AD8
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1722494121027241842
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960904053000121484

35 B
467 B

20ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960904053000121484

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960904053000121484
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3AD8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7061154099826456724

35 B
476 B

19ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7061154099826456724

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7061154099826456724
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 3AD8 62 B
587 B 154ms
154ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3AD8
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=294961fe-423d-4e00-be75-480e1796e9c6

35 B
467 B

21ms
20ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=294961fe-423d-4e00-be75-480e1796e9c6

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=294961fe-423d-4e00-be75-480e1796e9c6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 05 Feb 2022 09:24:13 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3AD8
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=TrcQPhZF1NghiK5

35 B
467 B

20ms
20ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=TrcQPhZF1NghiK5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 09:24:14 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=TrcQPhZF1NghiK5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3AD8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e1953fd5-2396-46da-93aa-c81682086a92

35 B
467 B

20ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e1953fd5-2396-46da-93aa-c81682086a92

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e1953fd5-2396-46da-93aa-c81682086a92
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET

image.sbmx
ib.mookie1.com/ Frame 3AD8
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842

0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 3AD8 43 B
1009 B 39ms
8ms Image
image/gif 141.95.3.40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=1722494121027241842

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p30.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 09:24:14 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3AD8
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=794123162
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oRuppqj7NlkY472G7.VBle

35 B
467 B

20ms
20ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oRuppqj7NlkY472G7.VBle

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
via: 1.1 google
last-modified: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oRuppqj7NlkY472G7.VBle
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3AD8 23 B
172 B 78ms
34ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 05 Feb 2022 09:24:14 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 3AD8
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842&cs=1

35 B
376 B

12ms
11ms

Image
image/gif

88.99.213.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-213-228.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1722494121027241842&cs=1
date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3AD8 0
238 B 34ms
8ms Image
text/plain 2600:9000:2057:c000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1722494121027241842
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uUn330kKf_ibWJaCiQbIjHv84cI6nEIJ83ACda4Jja4sN_bn2TCkpQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3AD8
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1722494121027241842&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1722494121027241842&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=67152122-c5cf-414e-83de-d79ca98a2332

35 B
467 B

20ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=67152122-c5cf-414e-83de-d79ca98a2332

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=67152122-c5cf-414e-83de-d79ca98a2332
date: Sat, 05 Feb 2022 09:24:14 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 1722494121027241842
match.contentexchange.me/adform/ Frame 3AD8 0
49 B 86ms
24ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/1722494121027241842?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 3AD8
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=1722494121027241842&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1722494121027241842&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
355 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1722494121027241842&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=1722494121027241842&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 05 Feb 2022 09:24:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3AD8 0
261 B 32ms
31ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1722494121027241842&agencyId=5212&advertiserId=237778&src=tp&rnd=767937
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D68D 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RDq88JEbv6U
X-YouTube-Client-Version: 1.20220202.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt6QWVUMUVzRTNxMCi8hPmPBg%3D%3D
X-YouTube-Ad-Signals: dt=1644053052360&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 05 Feb 2022 09:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 05 Feb 2022 09:24:14 GMT

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 92 B
514 B 35ms
20ms Script
text/javascript 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: aroma.seedcompany.com
URL: http://aroma.seedcompany.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0b7ca7c8dc22686e70c622236d66b6bf96af6e293e7e9bb8705c2eac25192f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 09:24:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 200
expires: -1

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&p...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&...

35 B
55 B

6ms
6ms

Image
image/gif

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4929&pdt=1&dns=1&rrt=0&srt=15&tcp=7&dit=627&clt=627&_gst=577&_gbt=664&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1920564580.1644053052&tid=UA-108415468-6&_gid=1713622629.1644053052&z=516990816

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 19:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1018947153&t=timing&_s=2&dl=http%3A%2F%2Faroma.seedcompany.com%2F&ul=en-us&de=UTF-8&dt=Aroma%20Prayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4929&pdt=1&dns=1&rrt=0&srt=15&tcp=7&dit=627&clt=627&_gst=577&_gbt=664&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1920564580.1644053052&tid=UA-108415468-6&_gid=1713622629.1644053052&z=516990816
Non-Authoritative-Reason: HSTS

GET
H3 200 RDq88JEbv6U Show response
www.youtube.com/embed/ Frame D68D 60 KB
25 KB 63ms
63ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac68eb00478b519a51c2091c1e7740535da97a24910f32086668a09c25fde892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 05 Feb 2022 09:24:16 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
513 B 26ms
25ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MGXTKBN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Sat, 05 Feb 2022 09:24:16 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/ 146 KB
47 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://aroma.seedcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48379
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Feb 2023 09:21:51 GMT

POST atr
www.youtube.com/api/stats/ Frame D68D 0
0

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/0cd11746/ Frame D68D 341 KB
47 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c13dadae2e9def300c7bdddb2aad15c4dc23128558e90334ddefa00fc181f47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 07:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47735
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Feb 2023 07:33:49 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0cd11746/www-embed-player.vflset/ Frame D68D 273 KB
84 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef265ba04cf38d04a6823bdd535b004b2495c8a5f761bdece6c8ee6d493759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85894
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 2 MB
535 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d9447c90e6c9c74c6d01fdec5d9d1f2890eae36e3fac469aa59ca2b5c790ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547581
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:17 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0cd11746/fetch-polyfill.vflset/ Frame D68D 8 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D68D 15 KB
15 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 317855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 17:06:41 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D68D 113 B
159 B 17ms
16ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d93982463fdbc716cf9ee90d53dc86a0cd5318bb53e3f6ea0c9be345767b3d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D68D 29 B
54 B 22ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:18:50 GMT
x-content-type-options: nosniff
age: 326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 09:33:50 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 97 KB
30 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab87e52955287d3ffa1abca259d9303ef67af9129aec71659447e64f9abf2c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30787
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:17 GMT

GET
H3 200 cO59X2DxNYL4vvKEGehIiQOU9ahpG5-d3QbKaZOglVQ.js Show response
www.google.com/js/th/ Frame D68D 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/cO59X2DxNYL4vvKEGehIiQOU9ahpG5-d3QbKaZOglVQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ee7d5f60f13582f8bef28419e848890394f5a8691b9f9ddd06ca6993a09554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 12:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 12:45:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/ Frame D68D 26 KB
7 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c8e978634f01b644c437241c8c89c5cb9b21d70675694da3c4abde318c35aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Feb 2023 16:00:33 GMT

GET
DATA 200
OK truncated
/ Frame D68D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLTQnpvuCMgC1E7BnctWlza8C9FBQ8PV0sRSqtYRMQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D68D 3 KB
3 KB 28ms
11ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTQnpvuCMgC1E7BnctWlza8C9FBQ8PV0sRSqtYRMQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

546df519650ccd1c9afda3d5e218295ff5d32516714d7b9bd7977ea4b1fc6238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
age: 4
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3065
x-xss-protection: 0
server: fife
etag: "v615"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Feb 2022 18:21:02 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/RDq88JEbv6U/ Frame D68D 18 KB
18 KB 27ms
11ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/RDq88JEbv6U/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9c424bf162a6f138653e75580c05817dcd922e263d295530294d14243f053f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:12 GMT
x-content-type-options: nosniff
age: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17954
x-xss-protection: 0
server: sffe
etag: "1612539839"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Feb 2022 11:24:12 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D68D 4 KB
2 KB 145ms
128ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0cd11746/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 09:24:17 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D68D 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5aABnA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RDq88JEbv6U?enablejsapi=1&origin=http%3A%2F%2Faroma.seedcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:24:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET ppms.php
epiphany.masterworks.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.mookie1.com
URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=nClmXNXvnxli2lvN&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Faroma.seedcompany.com%2F&lact=4281&cl=425997941&mos=0&volume=100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220202.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=1868&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24127418%2C24135310%2C24158010%2C24161162%2C24166124&muted=0&vis=3&docid=RDq88JEbv6U

Domain: epiphany.masterworks.com
URL: http://epiphany.masterworks.com/ppms.php?e_c=adform%20uid&e_a=adform%20uid&e_n=1722494121027241842&e_v=0&idsite=18b85536-6018-404d-970f-3aedacc045a1&rec=1&r=031227&h=9&m=24&s=18&url=http%3A%2F%2Faroma.seedcompany.com%2F&_id=5b7cf9f93fc872fd&_idts=1644053053&_idvc=1&_idn=0&_viewts=1644053053&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension4=1722494121027241842&dimension1=&dimension2=&dimension5=&gt_ms=16&pv_id=ydk46I

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aroma.seedcompany.com/	1970-01-20 05:05:50	Name: ubpv Value: b%2Cd3365b05-921a-4d8f-9db6-2c60fb640f66
aroma.seedcompany.com/	1970-01-20 05:00:05	Name: ubvs Value: 8322f21b-9412-4648-be16-2c780997fe50
.seedcompany.com/	1970-01-20 00:45:12	Name: ubvt Value: 8322f21b-9412-4648-be16-2c780997fe50
.seedcompany.com/	1970-01-20 18:12:05	Name: _ga Value: GA1.2.1920564580.1644053052
.seedcompany.com/	1970-01-20 00:42:19	Name: _gid Value: GA1.2.1713622629.1644053052
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lF-zAEZlPzs
.youtube.com/	1970-01-20 05:00:05	Name: VISITOR_INFO1_LIVE Value: zAeT1EsE3q0
.seedcompany.com/	1970-01-20 00:40:53	Name: _gat Value: 1
aroma.seedcompany.com/	1970-01-20 00:40:54	Name: stg_traffic_source_priority Value: 1
aroma.seedcompany.com/	1969-12-31 23:59:59	Name: stg_externalReferrer Value:
aroma.seedcompany.com/	1970-01-20 10:06:48	Name: _pk_id.18b85536-6018-404d-970f-3aedacc045a1.6277 Value: 5b7cf9f93fc872fd.1644053053.1.1644053053.1644053053.
aroma.seedcompany.com/	1970-01-20 00:40:54	Name: _pk_ses.18b85536-6018-404d-970f-3aedacc045a1.6277 Value: *
.seedcompany.com/	1970-01-20 02:50:29	Name: _fbp Value: fb.1.1644053053364.186805187
.adform.net/	1970-01-20 01:21:12	Name: C Value: 1
.adform.net/	1970-01-20 02:07:17	Name: uid Value: 1722494121027241842
.adform.net/	1970-01-20 00:42:19	Name: CM Value: 1\|1
.adform.net/	1970-01-20 01:01:02	Name: CM14 Value: 1644139454_1644053054_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.seadform.net/	1970-01-20 02:07:13	Name: uid Value: 1722494121027241842
.adscale.de/	1970-01-20 09:23:09	Name: uu Value: 3b63a80a098f48e1914afa66ae945d5d
.adscale.de/	1970-01-20 09:23:09	Name: cct Value: 1644053054214
.yieldlab.net/	1970-01-20 09:26:29	Name: id Value: ed71b852-9c7a-4730-8d46-082f6593e22c
.ih.adscale.de/	1970-01-20 09:23:09	Name: tu Value: 4#2852576470#42~1722494121027241842~456681~0~0
.casalemedia.com/	1970-01-20 09:26:29	Name: CMID Value: Yf5CPhZxD7O1TYtTGXFuNAAA
.casalemedia.com/	1970-01-20 02:50:29	Name: CMPS Value: 3239
.advertising.com/	1970-01-20 09:27:55	Name: APID Value: UP626556a5-8665-11ec-9efb-02f57c87c92e
.casalemedia.com/	1970-01-20 02:50:29	Name: CMPRO Value: 1199
.casalemedia.com/	1970-01-20 09:26:29	Name: CMRUM3 Value: 6f61fe423e27601722494121027241842
.casalemedia.com/	1970-01-20 00:42:19	Name: CMST Value: Yf5CPmH+Qj4A
.eyeota.net/	1970-01-20 00:40:53	Name: SERVERID Value: 20801~DM
ads.stickyadstv.com/	1970-01-20 02:07:17	Name: uid-bp-617 Value: 1722494121027241842
ads.stickyadstv.com/	1970-01-20 01:24:05	Name: UID Value: 295ffaf42d8b5610dd224ac74db33b9
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 155cd073578a587d035ddbf9d2fd55
.360yield.com/	1970-01-20 02:50:29	Name: tuuid Value: b1179ed0-d913-41da-9402-67a30d013d8b
.360yield.com/	1970-01-20 02:50:29	Name: tuuid_lu Value: 1644053054
.semasio.net/	1970-01-20 09:26:29	Name: SEUNCY Value: E27133C944790B95
.yahoo.com/	1970-01-20 09:26:50	Name: A3 Value: d=AQABBD5C_mECENJrQXQnZ3xDaIesqIqizrsFEgEBAQGT_2EIYgAAAAAA_eMAAA&S=AQAAAkHgIPHRT3ZgnuRKfnPChZE
.bidswitch.net/	1970-01-20 09:26:29	Name: tuuid Value: 4211ffd3-4f0a-400e-94ab-78efabe97dad
.bidswitch.net/	1970-01-20 09:26:29	Name: c Value: 1644053054
.bidswitch.net/	1970-01-20 09:26:29	Name: tuuid_lu Value: 1644053054
.analytics.yahoo.com/	1970-01-20 09:27:55	Name: IDSYNC Value: 1760~2329
.360yield.com/	1970-01-20 02:50:29	Name: um Value: !42,L3anXAXogP8m5BHft9i5W-1qvD5rR.aqPBemXz2aTkPm,1645262654
.360yield.com/	1970-01-20 02:50:29	Name: umeh Value: !42,0,1706261054,-1
.exelator.com/	1970-01-20 03:33:41	Name: EE Value: "5da5b301802e8c2cf95b608e602b50a3"
cm.adsafety.net/	1970-01-20 09:26:29	Name: UID Value: CM12022020509ca82df685093a29d2e9
.adsafety.net/	1970-01-20 09:26:29	Name: cm_uid Value: CM12022020509ca82df685093a29d2e9
.exelator.com/	1970-01-20 03:33:41	Name: ud Value: "eJxrXxzq6XKLQcE0JdE0ydjA0MLAKNUi2Sg5zdI0yczAItXMwCjJ1CDReHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F70%252BZCQBqJyno"
.mathtag.com/	1970-01-20 10:06:48	Name: uuid Value: 294961fe-423d-4e00-be75-480e1796e9c6
.crwdcntrl.net/	1970-01-20 07:09:40	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:09:40	Name: _cc_id Value: 3cdb89d4861365ce8f56f6ece3dfe0fa
.crwdcntrl.net/	1970-01-20 07:09:41	Name: _cc_cc Value: "ACZ4XmNQME5OSbKwTDGxMDM0NjNNTrVIMzVLM0tNTjVOSUs1SEtkAILEf052IBoKAG1gC5U%3D"
.crwdcntrl.net/	1970-01-20 07:09:41	Name: _cc_aud Value: "ABR4XmNgYGBI%2FOdkB6SgAAAYCAHg"
.krxd.net/	1970-01-20 05:00:05	Name: _kuid_ Value: OpOHWi9b
tags.adsafety.net/	1970-01-20 09:26:29	Name: UID Value: 84250a7150f8fe3553115cef882f52b3
tags.adsafety.net/	1970-01-20 09:26:29	Name: DID Value: 84250a7150f8fe3553115cef882f52b3
tags.adsafety.net/	1970-01-20 09:26:29	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 09:26:29	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 01:24:05	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 09:26:29	Name: ct_uid Value: 84250a7150f8fe3553115cef882f52b3
.adsafety.net/	1970-01-20 09:26:29	Name: ct_did Value: 84250a7150f8fe3553115cef882f52b3
.adsafety.net/	1970-01-20 09:26:29	Name: ct_idt Value: 100
.doubleclick.net/	1970-01-20 10:02:29	Name: IDE Value: AHWqTUmVULdsdGePBVZEfXYqO299cqCcfFO5L3nGygXVMlEhekIwhzh3etWCbpm841g
cm.adsafety.net/	1970-01-20 09:26:29	Name: permanent Value: 1
.adnxs.com/	1970-01-20 02:50:29	Name: uuid2 Value: 795153433433940836
ads.smartstream.tv/	1970-01-20 09:26:29	Name: DID Value: 84250a7150f8fe3553115cef882f52b3
ads.smartstream.tv/	1970-01-20 09:26:29	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 09:26:29	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 01:24:05	Name: cm_uid Value: CM12022020509ca82df685093a29d2e9
.pubmatic.com/	1970-01-20 01:24:05	Name: KRTBCOOKIE_391 Value: 22924-1722494121027241842&KRTB&23263-1722494121027241842
.pubmatic.com/	1970-01-20 01:24:05	Name: PugT Value: 1644053053
.pubmatic.com/	1970-01-20 02:50:29	Name: PUBMDCID Value: 3
.agkn.com/	1970-01-20 09:26:29	Name: ab Value: 0001%3AmjUmHlEeUA4gr14EDTbI1kmKYpH4g01A
.adfarm1.adition.com/	1970-01-20 02:50:29	Name: UserID1 Value: 7061154099826456724
.adnxs.com/	1970-01-20 02:50:29	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2ImNo6wEx!@wnfH8K4YRH[@9=E'ZLfR5@Ne9hXTcw^@Te9hFB<:8kNh`Mg^P(hw9P-HC_#tvv7(TR3+
cm.adsafety.net/	1970-01-20 09:26:29	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNW95RzdoSjVCK0dqaEZNeFBHR2szZ0syZlpnOHFIckpya0F4OTZZZ3EwTHQxc05sK0J1ZG9HUXlkVmY3Z0IvWjk5MlY2NmJHMFVSWE00eHhQcjJVMWY2cHBnVW1zUmF1QjFnR3BsQW5MdTUvMEs0RS9VZjVvdVpLZmJjWG1mZHlkTzFmVkc5Y3V0a2NoV3JKRDZiUldaSlMrbFpvWjdSK3VCdEJYaElvZmhpT0VIT3pOc0VLbnVEU1RubjhyTUVaMmVtT2ZkaS9vTnJZZ0tndmRQdlFzbG5ITG5iWU9lWU1vVDQxT2pCNGxZdndIc0xYVXpkVGN1VTJJOVhwR2hrMVVkTEpOVmw2ZG5zaEMvVDhCY3BuY0tzMXI4Tks0N2IzT1M5L05zMlNmT3czaUdCU1U3K29ROFJDcEsybmFCbWhYTGhUcG5WL2VZU0kzSEwyZ1o5N2VhaktOTFRMb1ZudWlYdnhGNFpXY0h0YTRKTFB0eXBvaVMreCtsR1V1TVFMVkxtdytTT3k5SGpVRi9BUVlyUzZhdEtXaElIVU9EeXNISWh6QVJmVWNVL0hTMUZKVWhxTVRJQmNJZEtnaXRYV3M0V3UyYk5qQ0hvQjZWVkEvWjJpMVBqbU9vdDlWN1lRNmlHZE9EcVVGdTViOGQ0cDRzQ2pab0VtK0R1SnlXYzY1SU1qbVVNMDBBWHgwY0QwWGgvTFFjSzlYaCswWG1tTXpRNHB4eWE1RHhOaU93RU0walVwc0lscWdOV3FidU9nQ1B3cWEwdGJNaXAzcVZTNVVhTTZkRzd0Ti9ZRTVQTWlTa2NiZTQwcTQ4WEZsYWFJM0xjYnBTbWhSRW5oR3R2VjFYTFljWDJ3d2EwOXdMOStKcDIyRC9hWUlVUGtMVkREZC9uWkw1cnVNVUM5bzl2UjR2NXFuODZDNmxWblNna0NHZnhqaWx0bnBqeWs0SGFpelk1Nkk5cU4zc1Nab3pCQjJMN0NoNGorVGhneFkzMU5HZVRPMEJ5ZytIeGxtT3pHdFd4Sm96QjdMWmFsdXJOL3FMMXJqZEo1dFh1elMzVkJWWXpJMDNEejBBNTgwT0Z6cmVCVzJINGsxa2tURy9oVWc9PQ%3D%3D
.w55c.net/	1970-01-20 10:06:48	Name: wfivefivec Value: TrcQPhZF1NghiK5
.w55c.net/	1970-01-20 01:24:05	Name: matchadform Value: 5
.adsrvr.org/	1970-01-20 09:26:29	Name: TDID Value: e1953fd5-2396-46da-93aa-c81682086a92
.id5-sync.com/	1970-01-20 00:40:53	Name: cf Value:
.id5-sync.com/	1970-01-20 00:40:53	Name: cip Value:
.id5-sync.com/	1970-01-20 00:40:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 00:40:53	Name: car Value:
.id5-sync.com/	1970-01-20 00:40:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 00:40:53	Name: callback Value:
.onaudience.com/	1970-01-20 09:26:29	Name: cookie Value: 44fecaf97292a5be
.onaudience.com/	1970-01-20 00:42:19	Name: done_redirects161 Value: 1
.1dmp.io/	1970-01-20 09:26:29	Name: uid Value: 62a126b0-8665-11ec-ae6b-901b0ea4a41b
.weborama.fr/	1970-01-20 10:12:33	Name: AFFICHE_W Value: -kF-kxPdxC-@30
.tapad.com/	1970-01-20 02:07:17	Name: TapAd_TS Value: 1644053054623
.tapad.com/	1970-01-20 02:07:17	Name: TapAd_DID Value: 67152122-c5cf-414e-83de-d79ca98a2332
.3lift.com/	1970-01-20 02:50:29	Name: tluid Value: 3547733218487309798515
.tapad.com/	1970-01-20 02:07:17	Name: TapAd_3WAY_SYNCS Value:
.onaudience.com/	1970-01-20 00:42:19	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 09:26:29	Name: TDCPM Value: CAEYASABKAIyCwjU7aOggKW0OhAFOAFaB3hrc3c5bGFgAg..
.audrte.com/	1970-01-20 01:02:29	Name: arcki2 Value: 7e4yyKf3L6pRdi7iaQAbENUQw!20210804!1644053054754
.demdex.net/	1970-01-20 05:00:05	Name: demdex Value: 53760394428642278480499748216319494882
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: prpveu3hxizqcotdtnwk11nu
.onaudience.com/	1970-01-20 00:42:19	Name: done_redirects219 Value: 1
.dpm.demdex.net/	1970-01-20 05:00:05	Name: dpm Value: 53760394428642278480499748216319494882
.zeotap.com/	1970-01-20 09:26:29	Name: zc Value: 252083f9-987b-4cbe-7e5b-faae5acf2418
.zeotap.com/	1970-01-20 00:42:19	Name: zsc Value: %95K%BE%8D%E9Z%ED%D30M%DB%DEP%BA%B9%C1y%9F%D3%80R%07%81%C8_I%D4%89%F5b%D2%A1%DF%8A%26ar%D2%C6%DB%26c%FD%F8%F0%DC%C47%AC%B2%90%E60%5DCS%05%2C%A2%D2%D8%EB%A9%EE%FE%85%0Av%CBD%A4xn%0Fh%7F%BE%81%DE%E6%A9X%3C
aroma.seedcompany.com/	1970-01-20 09:26:29	Name: stg_last_interaction Value: Sat%2C%2005%20Feb%202022%2009:24:16%20GMT
aroma.seedcompany.com/	1970-01-20 09:26:29	Name: stg_returning_visitor Value: Sat%2C%2005%20Feb%202022%2009:24:16%20GMT

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1722494121027241842 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=1722494121027241842 Message: Failed to load resource: net::ERR_CONNECTION_RESET
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
ajax.googleapis.com
api.adrtx.net
aroma.seedcompany.com
beacon.krxd.net
builder-assets.unbounce.com
c1.adform.net
cloud.typography.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
epiphany.masterworks.com
eu-u.openx.net
events.ub-analytics.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.mookie1.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mwzeom.zeotap.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
spl.zeotap.com
static.doubleclick.net
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
epiphany.masterworks.com
ib.mookie1.com
www.youtube.com
104.111.215.191
104.111.218.85
104.111.232.231
104.111.242.245
139.162.152.253
141.95.3.40
142.250.186.162
143.204.214.7
151.101.14.109
18.156.0.31
18.157.252.145
18.192.154.244
18.198.254.252
185.167.164.51
185.33.220.243
185.64.189.110
185.86.137.132
2.18.233.201
2.18.234.21
2.18.234.233
2600:9000:2057:c000:1b:5138:8a40:93a1
2600:9000:2156:3a00:1d:11cf:5800:93a1
2606:4700:10::ac43:db6
2a00:1450:4001:802::2003
2a00:1450:4001:803::2006
2a00:1450:4001:808::2016
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9d
2a01:111:f100:2000::a83e:30c1
2a02:6ea0:c700::4
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.125.70.222
3.126.202.50
3.251.21.8
3.68.148.208
34.254.143.3
34.96.102.137
34.98.64.218
35.190.16.14
35.227.248.159
35.244.174.68
35.71.131.137
37.157.2.238
37.157.3.29
37.157.5.73
46.19.11.36
51.77.65.176
51.79.83.225
52.18.235.26
52.21.234.110
52.215.32.43
52.218.26.147
52.28.9.143
52.30.114.170
52.30.140.199
54.236.81.149
54.77.170.127
65.9.63.40
65.9.78.104
69.173.144.138
76.223.111.18
77.243.60.138
85.114.159.93
88.99.213.228
91.210.226.73
03276f2f9c8e93b7e1a450189f123b6f873692974eea8eb4cdf8b02d58771607
086f48f8140b744d88a9fc6145da50432b2b901175649e3ddff1b170bf23e039
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b09e7aaf835703eb00940131725f7b267d4649ac93de08468faf25edddc8558
0b7ca7c8dc22686e70c622236d66b6bf96af6e293e7e9bb8705c2eac25192f6b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29d9447c90e6c9c74c6d01fdec5d9d1f2890eae36e3fac469aa59ca2b5c790ca
2c3a87f9593e6086a09449e1893bf11d0f02c5aa5115513799b7d58522289c0e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39c9ed972792fe55ce5f8f5e08777432e9661c50aa3b48cb3105a1d6ba152bb9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
546df519650ccd1c9afda3d5e218295ff5d32516714d7b9bd7977ea4b1fc6238
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
63ef265ba04cf38d04a6823bdd535b004b2495c8a5f761bdece6c8ee6d493759
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ea4aa830801ed397769e676a1284ed1d5109dcd6c5d9f3979975559f1db4f1c
6eb241301c7b39a1b09cacb76003349cc4a07bb8564b6ce1f341ca901beec04d
70ee7d5f60f13582f8bef28419e848890394f5a8691b9f9ddd06ca6993a09554
743d35adf85f34d2841882d200572d89fb8ad5cb211efd6467bbfae1a1702b3f
764cf626d0cf127d45d28fdb7750cfb268f3a248b04eba79d586e76ee904b446
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88b404517e2a4842e01f814886fc886e4b2a2b17faea56ec6dba01ab7a98689d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9b7aff6b77117ceaf1b3df0d1c2a0d34c277adda9da4c2a88ba5c8ffef1ce9d9
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7d9d2c6e86e736858efb0a042841eda3dc410746dc83ea71bf26a3a8088aff9
ab87e52955287d3ffa1abca259d9303ef67af9129aec71659447e64f9abf2c7f
ac68eb00478b519a51c2091c1e7740535da97a24910f32086668a09c25fde892
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b481d037674c025976cb1072bcc8eb0eb84d0d56fc6cf4975a7caee62566ff9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9f1d6b550b5b2468a7a0671bd30e5f702496fb2c9278e869f36349bcfc3d6e
bfa8c0136ddef0908c2d8b7cf9ab7c6874d8f8797431e03b56beaf0db470c79b
c13dadae2e9def300c7bdddb2aad15c4dc23128558e90334ddefa00fc181f47b
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cad7eef2e51ce16470118802b861ce11c0ebd67e71154ec28d8db8cb7af0a88c
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cdd6a002145857bdd1a96bfcb7de008932a9a2ad1b99c0e12b820400bbcc35d8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03851676326a27b4fafb7d6cfd8618f866c4c9def11d9a48e7c2cc4b5a438bd
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d93982463fdbc716cf9ee90d53dc86a0cd5318bb53e3f6ea0c9be345767b3d2f
d9c424bf162a6f138653e75580c05817dcd922e263d295530294d14243f053f9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfe9b2f2c929f5f9bd001231d5d48876c010638ab5b5059057ea5fb6a3639f66
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2c8e978634f01b644c437241c8c89c5cb9b21d70675694da3c4abde318c35aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67cbd28783acb58429b333b5f67c49fd4497b02e9e86d0f705ce8ebd07784de
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
fca7f08ac437136a4d8a9beab2bffa6ff7de4bfd94ad7a54a8b6eb90cbf4cd22

aroma.seedcompany.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

60 %HTTPS

28 %IPv6

66 Domains

80 Subdomains

58 IPs

10 Countries

4552 kBTransfer

9770 kBSize

102 Cookies

0 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aroma.seedcompany.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

60 %
HTTPS

28 %
IPv6

66
Domains

80
Subdomains

58
IPs

10
Countries

4552 kB
Transfer

9770 kB
Size

102
Cookies

128 HTTP transactions
3 data transactions