urlscan.io logo urlscan.io
SecurityTrails logo

ezgif.com Open in urlscan Pro
2a01:4f8:251:590b::2  Public Scan

Go To Rescan Add Verdict Report
URL: https://ezgif.com/resize
Submission: On January 15 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 15 countries across 95 domains to perform 418 HTTP transactions. The main IP is 2a01:4f8:251:590b::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is ezgif.com. The Cisco Umbrella rank of the primary domain is 149035.
TLS certificate: Issued by R3 on January 7th 2024. Valid for: 3 months.
This is the only time ezgif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a01:4f8:251:... 24940 (HETZNER-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.184.198 15169 (GOOGLE)
2 7 2a02:2638:3::c 44788 (ASN-CRITE...)
9 18.66.147.119 16509 (AMAZON-02)
3 3.160.179.133 16509 (AMAZON-02)
4 162.19.138.120 16276 (OVH)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
2 65.9.66.104 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
11 172.67.68.162 13335 (CLOUDFLAR...)
4 9 216.52.2.91 32475 (SINGLEHOP...)
5 185.86.138.32 201081 (SMARTADSE...)
11 14 37.252.171.149 29990 (ASN-APPNEX)
4 19 104.18.36.155 13335 (CLOUDFLAR...)
1 5 35.186.253.211 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 18.158.135.126 16509 (AMAZON-02)
5 52.28.33.173 16509 (AMAZON-02)
2 37.157.4.29 198622 (ADFORM)
2 54.72.115.20 16509 (AMAZON-02)
2 52.59.109.187 16509 (AMAZON-02)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 5 145.40.97.67 54825 (PACKET)
2 178.128.135.204 14061 (DIGITALOC...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 162.19.138.119 16276 (OVH)
1 3 54.170.29.7 16509 (AMAZON-02)
1 4 193.3.178.4 399668 (E-PLANNING-)
2 3.71.149.231 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
2 13.32.119.77 16509 (AMAZON-02)
1 1 2607:f350:3:2... 27630 (AS-XFERNET)
2 193.3.178.3 399668 (E-PLANNING-)
15 18 18.159.21.114 16509 (AMAZON-02)
5 5 46.228.174.117 56396 (AMOBEE)
3 4 2001:678:cb4:... 56396 (AMOBEE)
3 54.154.148.20 16509 (AMAZON-02)
8 23.218.208.200 16625 (AKAMAI-AS)
4 23.205.176.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 6 34.98.64.218 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 198.47.127.19 62713 (AS-PUBMATIC)
16 52.210.15.1 16509 (AMAZON-02)
8 8 37.157.2.229 198622 (ADFORM)
5 5 54.210.237.164 14618 (AMAZON-AES)
1 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 54.145.121.220 14618 (AMAZON-AES)
2 169.197.150.8 398989 (DEEPINTENT)
2 5 208.93.169.131 46244 (WEBMD-IDC...)
5 5 164.132.25.180 16276 (OVH)
14 31 216.58.212.162 15169 (GOOGLE)
8 52.223.40.198 16509 (AMAZON-02)
2 2 124.146.153.161 2514 (INFOSPHER...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
3 3 23.212.211.47 16625 (AKAMAI-AS)
10 184.30.22.30 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 16 67.220.226.238 16509 (AMAZON-02)
1 3.217.158.231 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 69.173.144.138 26667 (RUBICONPR...)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 159.89.25.223 14061 (DIGITALOC...)
1 1 184.30.24.22 16625 (AKAMAI-AS)
3 2a02:2638:3::6 44788 (ASN-CRITE...)
3 3 52.19.9.47 16509 (AMAZON-02)
1 1 23.212.88.20 16625 (AKAMAI-AS)
8 8 34.252.224.169 16509 (AMAZON-02)
3 52.46.155.104 16509 (AMAZON-02)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 51.38.120.206 16276 (OVH)
1 1 35.214.168.80 15169 (GOOGLE)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 35.158.87.169 16509 (AMAZON-02)
1 99.80.15.151 16509 (AMAZON-02)
1 34.203.113.223 14618 (AMAZON-AES)
5 13 76.223.111.18 16509 (AMAZON-02)
3 3 178.250.1.9 44788 (ASN-CRITE...)
2 2 35.210.239.72 15169 (GOOGLE)
1 52.211.238.11 16509 (AMAZON-02)
17 35.244.159.8 15169 (GOOGLE)
4 4 98.98.134.243 21859 (ZEN-ECN)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
4 4 54.167.245.43 14618 (AMAZON-AES)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 173.231.180.197 32475 (SINGLEHOP...)
2 2 35.214.147.28 15169 (GOOGLE)
1 2607:ae80:192... 26558 (FREEWHEEL)
9 216.52.2.16 30282 (AS-INAPCD...)
3 3 2620:116:800d... 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 154.59.122.79 174 (COGENT-174)
1 4 69.173.144.165 26667 (RUBICONPR...)
2 185.64.190.79 62713 (AS-PUBMATIC)
1 2 52.213.174.136 16509 (AMAZON-02)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
15 2a00:1450:400... 15169 (GOOGLE)
2 2 37.157.5.84 198622 (ADFORM)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
3 3 18.193.197.239 16509 (AMAZON-02)
2 2 213.155.156.166 1299 (TWELVE99 ...)
2 3 2a02:6b8::90 13238 (YANDEX)
5 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 213.202.235.10 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 1 35.208.249.213 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 3 5.135.209.105 16276 (OVH)
1 1 80.77.87.161 46636 (NATCOWEB)
4 5 52.209.229.149 16509 (AMAZON-02)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 142.250.185.66 15169 (GOOGLE)
2 2 35.158.151.55 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
2 2 151.101.66.49 54113 (FASTLY)
1 198.47.127.205 3257 (GTT-BACKB...)
6 8 52.72.177.11 14618 (AMAZON-AES)
1 67.202.105.21 32748 (STEADFAST)
6 3.228.139.29 14618 (AMAZON-AES)
1 1 35.186.201.99 15169 (GOOGLE)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
418 112
4    2a01:4f8:251:590b::2 (Germany)

ASN24940 (HETZNER-AS, DE)
ezgif.com
3    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    2606:4700:20::681a:406 (United States)

ASN13335 (CLOUDFLARENET, US)
cmp.setupcmp.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
7    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
9    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
3    3.160.179.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-179-133.mrs52.r.cloudfront.net
c.amazon-adsystem.com
4    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:7200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
2    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:223c:4400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
11    172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
9    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
14    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
19    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
ssum.casalemedia.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    18.158.135.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
5    52.28.33.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
lwadm.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    54.72.115.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-115-20.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
2    52.59.109.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-109-187.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    54.170.29.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-29-7.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
18    18.159.21.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    54.154.148.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-148-20.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
8    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.205.176.78 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-176-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
setupad-d.openx.net
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
16    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
8    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    54.210.237.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-237-164.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    2a05:d018:d29:3601:3295:f713:9e96:927c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    54.145.121.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-121-220.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
5    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
5    164.132.25.180 (France)

ASN16276 (OVH, FR)
PTR: ip180.ip-164-132-25.eu
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
31    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    124.146.153.161 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:fa8:8806:21::1780 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
16    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    3.217.158.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-158-231.compute-1.amazonaws.com
1x1.a-mo.net
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
11    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
hbx.media.net
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
3    52.19.9.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-9-47.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
cs.media.net
8    34.252.224.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-224-169.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2600:9000:211e:7200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com
trace-eu.mediago.io
3    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
openx2-match.dotomi.com
2    35.158.87.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-87-169.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    99.80.15.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-15-151.eu-west-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
1    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
13    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    52.211.238.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-238-11.eu-west-1.compute.amazonaws.com
pbs-cs.yellowblue.io
17    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
u.openx.net
4    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    54.167.245.43 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-245-43.compute-1.amazonaws.com
i.liadm.com
2    2600:1f18:ed:550a:ac77:9c63:d66e:ebeb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
2    35.214.147.28 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 28.147.214.35.bc.googleusercontent.com
csync.loopme.me
1    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
9    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
3    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    52.213.174.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-174-136.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2600:9000:223c:2800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    18.193.197.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-197-239.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
5    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
9    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    5.135.209.105 (France)

ASN16276 (OVH, FR)
PTR: ip105.ip-5-135-209.eu
rtb-csync.smartadserver.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    52.209.229.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-229-149.eu-west-1.compute.amazonaws.com
a.audrte.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.158.151.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-151-55.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
8    52.72.177.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-177-11.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    3.228.139.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-139-29.compute-1.amazonaws.com
pbs.nextmillmedia.com
1    35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com
dsp-ap.eskimi.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
250 KB
30 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
us-u.openx.net — Cisco Umbrella Rank: 524
u.openx.net — Cisco Umbrella Rank: 683
eu-u.openx.net — Cisco Umbrella Rank: 2043
setupad-d.openx.net — Cisco Umbrella Rank: 63276
5 KB
29 googlesyndication.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
349 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
95 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
64 KB
19 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
7 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
r.casalemedia.com — Cisco Umbrella Rank: 1743
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
14 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
bidder.criteo.com — Cisco Umbrella Rank: 679
ssp-sync.criteo.com — Cisco Umbrella Rank: 1424
dis.criteo.com — Cisco Umbrella Rank: 608
ads.eu.criteo.com — Cisco Umbrella Rank: 8778
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457
63 KB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
5 KB
18 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
16 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386
csm.eu.criteo.net — Cisco Umbrella Rank: 8850
172 KB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
47 KB
15 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
6 KB
14 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3013
6 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
20 KB
13 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
11 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 4252
c1.adform.net — Cisco Umbrella Rank: 583
cm.adform.net — Cisco Umbrella Rank: 1147
dmp.adform.net — Cisco Umbrella Rank: 3041
6 KB
11 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41849
9 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
200 KB
9 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2221
238 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
1 KB
8 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
12 KB
7 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 978
match.sharethrough.com — Cisco Umbrella Rank: 508
740 B
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
3 KB
6 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2359
u-ams03.e-planning.net — Cisco Umbrella Rank: 29983
sync.e-planning.net — Cisco Umbrella Rank: 3885
2 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
1x1.a-mo.net — Cisco Umbrella Rank: 2925
1 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
cdn.id5-sync.com — Cisco Umbrella Rank: 857
58 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
3 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
5 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
5 lwadm.com
lwadm.com — Cisco Umbrella Rank: 86750
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
25 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com — Cisco Umbrella Rank: 564
4 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
3 KB
4 setupad.com
node.setupad.com — Cisco Umbrella Rank: 49582
961 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
4 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5046
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7333
openx2-match.dotomi.com — Cisco Umbrella Rank: 4009
665 B
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
106 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
r.turn.com — Cisco Umbrella Rank: 4167
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
4 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1945
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 4886
2 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
25 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
19 KB
4 ezgif.com
ezgif.com — Cisco Umbrella Rank: 149035
16 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 6258
1 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
3 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5488
ads.yieldmo.com — Cisco Umbrella Rank: 651
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
946 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1664
a.ad.gt — Cisco Umbrella Rank: 1857
5 KB
3 setupcmp.com
cmp.setupcmp.com — Cisco Umbrella Rank: 82215
33 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
5 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
622 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1872
451 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
647 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
918 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
568 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5692
395 B
2 mediago.io
trace-eu.mediago.io — Cisco Umbrella Rank: 16575
trace.mediago.io — Cisco Umbrella Rank: 1161
655 B
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1257
cs.media.net — Cisco Umbrella Rank: 1236
998 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
83 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
537 B
2 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 8710
442 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
612 B
1 eskimi.com
dsp-ap.eskimi.com — Cisco Umbrella Rank: 10689
412 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 901
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
734 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
624 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 13028
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2006
704 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
609 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
519 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
654 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
282 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
424 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
198 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
443 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1798
10 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
482 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
659 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 40785
151 KB
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
418 95
Domain Requested by
31 cm.g.doubleclick.net 14 redirects rtb.gumgum.com
u.openx.net
ap.lijit.com
sync-amz.ads.yieldmo.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
googleads.g.doubleclick.net
eb2.3lift.com
18 x.bidswitch.net 15 redirects ads.us.e-planning.net
rtb.gumgum.com
eb2.3lift.com
16 aax-eu.amazon-adsystem.com 1 redirects tagan.adlightning.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
ssum-sec.casalemedia.com
ap.lijit.com
sync-amz.ads.yieldmo.com
16 usersync.gumgum.com rtb.gumgum.com
15 pagead2.googlesyndication.com 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
tagan.adlightning.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 us-u.openx.net 1 redirects rtb.gumgum.com
u.openx.net
setupad-d.openx.net
ap.lijit.com
us-u.openx.net
13 eb2.3lift.com 5 redirects stpd.cloud
eb2.3lift.com
cookies.nextmillmedia.com
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
11 tpc.googlesyndication.com tagan.adlightning.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
11 ib.adnxs.com 8 redirects stpd.cloud
eb2.3lift.com
11 prebid-stag.setupad.net stpd.cloud
ads.us.e-planning.net
ezgif.com
ssum-sec.casalemedia.com
ap.lijit.com
cookies.nextmillmedia.com
u.openx.net
10 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
aax-eu.amazon-adsystem.com
stpd.cloud
cookies.nextmillmedia.com
10 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
static.criteo.net
ads.eu.criteo.com
9 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
ezgif.com
ap.lijit.com
9 ce.lijit.com ap.lijit.com
us-u.openx.net
9 ap.lijit.com 4 redirects stpd.cloud
aax-eu.amazon-adsystem.com
cookies.nextmillmedia.com
9 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
9 securepubads.g.doubleclick.net ezgif.com
securepubads.g.doubleclick.net
tagan.adlightning.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
8 cookies.nextmillmedia.com 6 redirects stpd.cloud
cookies.nextmillmedia.com
8 match.prod.bidr.io 8 redirects
8 match.adsrvr.org rtb.gumgum.com
aax-eu.amazon-adsystem.com
u.openx.net
sync-amz.ads.yieldmo.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
eb2.3lift.com
8 ads.pubmatic.com ads.us.e-planning.net
rtb.gumgum.com
aax-eu.amazon-adsystem.com
stpd.cloud
ap.lijit.com
7 c1.adform.net 7 redirects
6 pbs.nextmillmedia.com cookies.nextmillmedia.com
5 a.audrte.com 4 redirects ezgif.com
5 imageproxy.eu.criteo.net ads.eu.criteo.com
5 bh.contextweb.com 2 redirects aax-eu.amazon-adsystem.com
bh.contextweb.com
5 pr-bh.ybp.yahoo.com 1 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
setupad-d.openx.net
5 sync.srv.stackadapt.com 5 redirects
5 prebid.a-mo.net 2 redirects stpd.cloud
5 lwadm.com stpd.cloud
ezgif.com
5 btlr.sharethrough.com stpd.cloud
5 rtb.openx.net 1 redirects stpd.cloud
ads.us.e-planning.net
setupad-d.openx.net
5 prg.smartadserver.com stpd.cloud
4 i.liadm.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 eu-u.openx.net u.openx.net
us-u.openx.net
4 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
stpd.cloud
4 node.setupad.com stpd.cloud
4 www.googletagservices.com tagan.adlightning.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
4 www.google.com tagan.adlightning.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
4 token.rubiconproject.com eus.rubiconproject.com
4 creativecdn.com 4 redirects
4 ssbsync.smartadserver.com 4 redirects
4 secure.cdn.fastclick.net tagan.adlightning.com
secure.cdn.fastclick.net
4 sync.1rx.io 4 redirects
4 id5-sync.com stpd.cloud
cdn.id5-sync.com
4 gum.criteo.com 2 redirects tagan.adlightning.com
4 ezgif.com ezgif.com
3 rtb-csync.smartadserver.com 1 redirects ezgif.com
3 an.yandex.ru 2 redirects ezgif.com
3 pixel.rubiconproject.com 1 redirects ezgif.com
3 ads.creative-serving.com 3 redirects
3 cms.quantserve.com 3 redirects
3 dis.criteo.com 3 redirects
3 s.amazon-adsystem.com aax-eu.amazon-adsystem.com
bh.contextweb.com
ssum-sec.casalemedia.com
3 ad.360yield.com 3 redirects
3 ssp-sync.criteo.com static.criteo.net
ezgif.com
3 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 secure.adnxs.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
ezgif.com
3 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
aax-eu.amazon-adsystem.com
3 ad.turn.com 3 redirects
3 bidder.criteo.com stpd.cloud
static.criteo.net
3 mug.criteo.com ezgif.com
3 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
3 api.btloader.com btloader.com
3 cmp.setupcmp.com ezgif.com
cmp.setupcmp.com
3 cdn.jsdelivr.net ezgif.com
stpd.cloud
securepubads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 googleads4.g.doubleclick.net tagan.adlightning.com
2 tr.blismedia.com 1 redirects 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
tagan.adlightning.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 d5p.de17a.com 2 redirects
2 px.ads.linkedin.com 1 redirects eb2.3lift.com
2 cm.adform.net 2 redirects
2 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
2 image8.pubmatic.com sync-amz.ads.yieldmo.com
cookies.nextmillmedia.com
2 csync.loopme.me 2 redirects
2 i6.liadm.com ssum-sec.casalemedia.com
2 pixel.tapad.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 match.sharethrough.com aax-eu.amazon-adsystem.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
2 u.openx.net aax-eu.amazon-adsystem.com
stpd.cloud
2 tg.socdm.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 id.hadron.ad.gt cdn.hadronid.net
2 sync.e-planning.net ads.us.e-planning.net
rtb.gumgum.com
2 u-ams03.e-planning.net ads.us.e-planning.net
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 ups.analytics.yahoo.com connectid.analytics.yahoo.com
aax-eu.amazon-adsystem.com
2 ads.us.e-planning.net 1 redirects stpd.cloud
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 lb.eu-1-id5-sync.com stpd.cloud
cdn.id5-sync.com
2 oajs.openx.net 1 redirects ezgif.com
2 rt.marphezis.com stpd.cloud
2 hbopenbid.pubmatic.com stpd.cloud
2 fastlane.rubiconproject.com stpd.cloud
2 tlx.3lift.com stpd.cloud
2 hb.yellowblue.io stpd.cloud
2 adx.adform.net stpd.cloud
2 mp.4dex.io stpd.cloud
2 htlb.casalemedia.com stpd.cloud
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
tagan.adlightning.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 script.4dex.io stpd.cloud
script.4dex.io
2 ad-delivery.net ezgif.com
1 um.simpli.fi 1 redirects
1 dsp-ap.eskimi.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 ssc-cms.33across.com cookies.nextmillmedia.com
1 openx2-match.dotomi.com us-u.openx.net
1 image2.pubmatic.com us-u.openx.net
1 p.rfihub.com 1 redirects
1 dmp.adform.net 1 redirects
1 cs.admanmedia.com 1 redirects
1 js-sec.indexww.com stpd.cloud
1 setupad-d.openx.net stpd.cloud
1 r.casalemedia.com ssum-sec.casalemedia.com
1 trace.mediago.io 1 redirects
1 rtb.nl3.eu.criteo.com 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1 m.exactag.com 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1 r.turn.com 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1 pixel-eu.rubiconproject.com sync-amz.ads.yieldmo.com
1 ums.acuityplatform.com 1 redirects
1 t.adx.opera.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 pulsepoint-match.dotomi.com bh.contextweb.com
1 pbs-cs.yellowblue.io stpd.cloud
1 cs-server-s2s.yellowblue.io aax-eu.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 trace-eu.mediago.io 1 redirects
1 onetag-sys.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 cs.media.net 1 redirects
1 hbx.media.net 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 a.ad.gt tagan.adlightning.com
1 1x1.a-mo.net ezgif.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 google-bidout-d.openx.net tagan.adlightning.com
1 cdn.hadronid.net ezgif.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 ad.doubleclick.net ezgif.com
1 btloader.com ezgif.com
1 stpd.cloud ezgif.com
0 sync-dmp.aura-dsp.com Failed 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
0 sync.adotmob.com Failed ezgif.com
0 b1sync.zemanta.com Failed rtb.gumgum.com
aax-eu.amazon-adsystem.com
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
418 167

This site contains no links.

Subject Issuer Validity Valid
ezgif.com
R3		 2024-01-07 -
2024-04-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
stpd.cloud
E1		 2024-01-10 -
2024-04-09		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
setupcmp.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2024-01-09 -
2024-07-04		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
lwadm.com
Amazon RSA 2048 M03		 2023-12-22 -
2025-01-19		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-12 -
2025-01-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
node.setupad.com
R3		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-01-02 -
2025-02-02		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh

This page contains 77 frames:

Primary Page: https://ezgif.com/resize
Frame ID: 2C897632472641E3BBB864134223FEF8
Requests: 128 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ezgif.com&gdpr=0&gdpr_consent=
Frame ID: D16F4D43AD09CFF5B56D304443D4021A
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: EC4E9BFA4BDCE621010B73D834878822
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Frame ID: 7A2F785B3207E8254C4D3C7974D40210
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D64997698ad5b31b1%26uid%3D
Frame ID: A7818F5999BF2E0C5A4A48AA0D31744F
Requests: 2 HTTP requests in this frame

Frame: https://prebid-stag.setupad.net/setuid?bidder=eplanning&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=AGBpJE%2fUlC%2fuyZTt
Frame ID: 59CE26174C94BF2B97433C09D2FA508C
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1D114533C126CB32C60F827049859ED3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=115044796224764342&gdpr=&gdpr_consent=
Frame ID: 66B3CA0F687BE81FB2A8D407D4F22FC8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 488EBD534B2331B1FA416924582867A2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 78193C3FB0A512BE53598490B8EFD31D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: A61E546CB27C634A1E2C6AF603A1C633
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-sCo8YQAAAw9fLgAAAAA
Frame ID: CB70055CFF18822880C9778CD387CC63
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum&tc=1
Frame ID: 5712832051B15A766C05697493613B12
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 50752A04B7C03F3AC57EB804D8FCE0BD
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: 856312FB7848640A5D27FA4AF656C157
Requests: 1 HTTP requests in this frame

Frame: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0102245A92E43818B30841FAB975D2E1
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Frame ID: 711E48A2A7B3098279FB152BB6C14551
Requests: 9 HTTP requests in this frame

Frame: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A12CAE0E03B1AD17B279A4D35430CCA3
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Frame ID: 54FD45462154E16FF7BE03C1C0E307A4
Requests: 9 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 3D6C2AE9535DF60EE819BCC8998E9DC8
Requests: 9 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: A86BE0123B43BB544041A6D33AC5D83E
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 31F4AEFDECFE190924E1CB20093F26D4
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 2A43EED1DDDCBA5F5324C5CE9901D163
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=1632441555638621583&gdpr=0&gdpr_consent=
Frame ID: D6DCAFA695B031720C2D265080F54A3E
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Frame ID: 11B53D669AF744D797F1DAB5ECEFA93D
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: E0CE6B41FF4EA71C46EA1E8BE51EB880
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: A724FA2BFD496709CBABC8637363E386
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 50DD7F8108BA9468554060BEA82B2E55
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: AC76BB43627AB8DDF09BC6BD99399125
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 12E08E4BBB89B1E2A3273501AFD89C69
Requests: 5 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0
Frame ID: 53687A4F48EE04EB916D524C5FE4500B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: 82CF8A0D6B5401946B2C0E609EDBCFAE
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: 16989FF06AEBF0181179A802C8D4E3CB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=1848106323789703712951
Frame ID: 161E23754657866410847BC59420D6CB
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: 3C3566EEDFA1C9D2999CE76D2B6A7F94
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=1325312571758247641&gdpr=0&gdpr_consent=
Frame ID: D70BCE98C0F87D510BF65BDF53819101
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 58276571F171A3272EDB46AB6FF9732A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8D5E26B590E69E94E9D263C8ABA889C9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5EB09B38D4458C3E5AFA76468BFB47BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-8Co8YQAAAw9fNEAAAAA
Frame ID: 77C7295E4804BBBB5DCF84660E5C3CB6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum
Frame ID: BD53035E88BCD13D5FE832502AA9810A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 588971B83D482A0B863D3E06D7117AAA
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Frame ID: A5F0CA540D3B7F47EAC7D8822BB63ADC
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3AA5AF3CDA3D6B1BBD91A8E427D2727
Requests: 9 HTTP requests in this frame

Frame: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22CA517ED1DEBD6E52A43742BE32DAAC
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: A058751F9F6B4AFF074C958589D4F586
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKfPhN4BMAE&v=APEucNX2s44RPyxGEIx95mbHpXjc6B2zgBnaxWBlcmjsn8ILWFWIR2B1Op_-t1X2LC3ZfQpvpOQHuyEUMvJCc5YP7aVyioAMgDJvjb-el_Nms9aoFYstpMU
Frame ID: 18152FD1BAD490A57005104449749D1F
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: C1B232FE84463F123BC6038680553A0A
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA9F92D46E0710F5DE1287D2CFC304B7
Requests: 9 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 0F01C62193A20225A505B77D59B3C51B
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 75456D8404A0809972DC5388D44A7585
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: C5C9A84F11634CD19C60E9C261AB2E59
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: F6D26BE76A0D90961EA8F1AF922B7C69
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191&gdpr=0&gdpr_consent=
Frame ID: 99A25FB90D23F9B58044D3F464A8F672
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5EA736AB2FE8154197E1D688898CC259
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F1D86731F5F5AF3127F68412FCF609F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Frame ID: 4C0CF12B84B3AE1A3237ABBCED29CA45
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: BDDA8F3E01D778B7A047D3608C472671
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 3D7551DFC8DB0F6AE54FC136110205E4
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 9D69435DFEFDE586053D130EEA8075D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 553F814113ED9B0E2A90ED3AF34111E0
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: E18A8B53A5CA0A4E19FBFFA5E3864FCE
Requests: 8 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Frame ID: A26B5DAA41ECB0E0D0114682A4BB8EEC
Requests: 1 HTTP requests in this frame

Frame: https://prebid-stag.setupad.net/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Frame ID: 986522B683A0489458E1DA00BA4DD635
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: F319F3EBCD10101EDA8FC531DC799184
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Frame ID: 1C04C918E1CA252FB170134D30D8F600
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5498199044226996140
Frame ID: 3E71989C0B3DB80B7A0AE25A285A4E8C
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=125f1bfd-f835-444f-aebb-fe39c951329f
Frame ID: 1AFF6C2BA0479DD8F71644A763098ACE
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZaVx-rC1Re9XqL1WAOmzmwAA&4418
Frame ID: 800783C31C274DF489B119FCC2415A3C
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c
Frame ID: 5A1D81914996D739EDFE4257982F36EC
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
Frame ID: 438F0E30175A0921A2355FE71A531F3A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Frame ID: A7955ED89FC1A1FA6A6A51B8CDB0D1EE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: 590BEC961C17E61A743BFAA7460091FF
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: BFE869D2A38C7B3FC904F8DDE1B2B5FA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 0CC8A49C1EFE8AC8B709D9B62F85E293
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEpIiaa11SaoKNVWkSDn
Frame ID: F3E3A0078E751EAFA453CF4C2CA653BA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 7AD6FFAF69A352B009BF0770BF0F3EF6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Resize animated GIF

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

418
Requests

75 %
HTTPS

30 %
IPv6

95
Domains

167
Subdomains

112
IPs

15
Countries

2316 kB
Transfer

5983 kB
Size

141
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&cw=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qaJs9nxTOXM0SlhWQ25Zb1R1L2krdHBBQkVLQ25aZisxMTJlcm0welRzd2ZKUXUzMlZiTG5mUDhUSEw2YjZiYUI5dXZEbDNYcW83aXJzVUUzUWpMb3dzVGZwcWRCdVBXS2xzeVdIWDNmTTJSZ2RsYWo5RVB5dFhGaVloNitZU2FWMGg5NDg5eHlDbm9wUXg4bGtFVTBYMWxnQy9NVDZnazhWZGlDSW5oL1VaWFRqaGdydXdpZmNQdld3Y2RhWEFsNXRVN1h3ODIrSmdoY0hVUXh0NHRCUnRVdVJaWGgybHBDQlRBeHZUR1MyWlBENldNPXw&cppv=2
Request Chain 58
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp&cc=1
Request Chain 64
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Request Chain 72
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ezgif.com&sn=ChromeSyncframe&so=0&topUrl=ezgif.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=o8TwSXxESkZ5UkYrMHdsQXZROWROdTBkREhDeWgra1N4SWxJN05ZUUpmM29sNS8vdkQxemJxWGlFRTNTTVFKQlNSVytUWWpNeU8xb21FVWRYTmhsVmZtdU5UZ1hzYXdrcFo3TFRNSGxPa29xazFvMko2REVjVzVESFVid040NGt4SUhPaXYzTDQ5Q2NXQms0QnNMK3JqWGJKS1drYVQ5ZnIzck1QZklYSk84cm5rcVdJZVg4ZkNFZDRDL1hYUGpUa055VjNwQ1NHS2wyL3RVUGp5bjczRlRFdWxsa1RXTjhNdmsrR1dKWlNZazRhdlNtNng4RG9SSWQ3OWRRWFQ0ODV3M0FMR0djVGh0R2hUUWpzbDNZOXdlVFpydz09fA&cppv=2
Request Chain 74
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D64997698ad5b31b1%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=64997698ad5b31b1&uid=4cc43bb9-d7a1-4440-ab6b-aa41b31e8b82
Request Chain 76
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D64997698ad5b31b1%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D64997698ad5b31b1%2526uid%253D%2524UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=64997698ad5b31b1&uid=5498199044226996140
Request Chain 77
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
Request Chain 78
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705341437344 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7860152623 HTTP 302
  • https://sync.1rx.io/usersync/turn/3897694967927432154?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003&dc=fc741bbdfeedcd57&iss=1
Request Chain 92
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
Request Chain 93
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1325312571758247641&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 95
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Request Chain 97
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Request Chain 100
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=nexbIDoOEifh&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 101
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
Request Chain 103
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=115044796224764342&gdpr=&gdpr_consent=
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Request Chain 107
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-sCo8YQAAAw9fLgAAAAA
Request Chain 108
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum&tc=1
Request Chain 109
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 112
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Request Chain 121
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1632441555638621583
Request Chain 156
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
Request Chain 168
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=536513027
Request Chain 169
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D&gdpr=0 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=azerion.com&id=fc2aff31-9c4a-4e3f-a561-5b4152c50304&gdpr=0
Request Chain 170
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3483430399418141000V10
Request Chain 171
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAGhc07LSuQAABQZpZ2XaQ&ex=beeswax.com
Request Chain 172
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=9c2c41f135
Request Chain 174
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d6e9cdf52605c500lrf89fsl
Request Chain 179
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 181
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=1632441555638621583&gdpr=0&gdpr_consent=
Request Chain 193
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=1848106323789703712951
Request Chain 195
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dMDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DMDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q%26u%3D%24%7BUSER_ID%7D&gdpr=&consent=&us_privacy=&_bee_ppp=1 HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=MDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q&u=AAH-j07LSuQAABQbEM-x0Q
Request Chain 196
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-FUvD8RJJoTvOdMea8IxhIqUfuSFx3F9Ib76i_w HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-FUvD8RJJoTvOdMea8IxhIqUfuSFx3F9Ib76i_w&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&u=125f1bfd-f835-444f-aebb-fe39c951329f
Request Chain 197
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
Request Chain 198
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
Request Chain 199
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e19b92ee-28b7-44fc-a79b-d3b179a5b254
Request Chain 200
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Request Chain 202
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Request Chain 205
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
Request Chain 209
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1325312571758247641
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDg7gcsNh6QPwV0etCYe9Ms&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=d0ExQmxTZ0lQZ193c1BvbG9NX1NfQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENi3ZF0H_kRYrFL2Zvy_hkA&google_cver=1
Request Chain 217
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr_in_effect=0&gdpr_consent=
Request Chain 219
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaVx-rC1Re9XqL1WAOmzmwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Request Chain 221
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpdr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&_li_chk=true&gpp_sid=&us_privacy=&gpdr=0&previous_uuid=af42ba1179794935a568a69523cf6237 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEIcM82DkedPDcTANhzmziAE&google_cver=1
Request Chain 223
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721066239&external_user_id=70e56c33-9a17-47db-8b6d-6ec4ee1cf463
Request Chain 225
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=0
Request Chain 229
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AAGhc07LSuQAABQZpZ2XaQ&pid=85&gdpr=0
Request Chain 230
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=3T1Cg9w5RdDGP0WE3zwOhtg-FobGMUHV0zzOI_ni
Request Chain 231
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU808a358805d44a548b9bb717fd8a65a8&gdpr=0&gdpr_consent=&pid=103
Request Chain 232
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Request Chain 233
  • https://ums.acuityplatform.com/tum?umid=27&uid=H_yVpBZHWQWJzeE7RW-dyeUS&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=877233762466
Request Chain 234
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=1325312571758247641&gdpr=0&gdpr_consent=
Request Chain 238
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-8Co8YQAAAw9fNEAAAAA
Request Chain 239
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum
Request Chain 240
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 246
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=5498199044226996140&pn_id=an
Request Chain 252
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 303
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1325312571758247641
Request Chain 262
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1&google_push=AXcoOmSm1aM5dt4nrgkqIzXOdeYNSdeA7KbOCU5JvdEvahA8DO2h6ED3j1OhmLAFwbkvDb5x0L7TaWthGwSjhn1yt17b-iGa-rnd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg5NzY5NDk2NzkyNzQzMjE1NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1
Request Chain 263
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGgpFLChMUy0fjYM0TqTEbQ&google_cver=1&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmPyQAfzTSTanoQHOrxRl-94mK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmPyQAfzTSTanoQHOrxRl-94mK
Request Chain 265
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENBPbxZBro8zGoX6Aw5HtlY&google_cver=1&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQybZid4PvUX HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ad043c2e-bb10-4580-ae2f-ff79fc664b34&ssp=google&expires=30&user_group=5&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQybZid4PvUX&google_hm=El8b_fg1RE-uu_45yVEynw==
Request Chain 266
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEuiYv5IMx1eFvxPZWjYHBM&google_cver=1&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEuiYv5IMx1eFvxPZWjYHBM&google_cver=1&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd
Request Chain 267
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPzxiSXrhPk3ERr8hr2VYbs&google_cver=1&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5rdwy7E06NZCN4lVoY8SFRVY17D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJGODlFNkktMVgtM0lLSg==&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5rdwy7E06NZCN4lVoY8SFRVY17D
Request Chain 268
  • https://an.yandex.ru/mapuid/google/CAESEDM2j_0zkYeNw8alAemNdvc?ext-param=AXcoOmTnFHyLX4U0HYsgUeW3-dCGI47V6tG-Cu_PKrmTKi1LQue3kyXC2jDYJcVQGyyv3rTDI9YbVSeSy8ENgLqi3r8UtSfUo_g_&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEDM2j_0zkYeNw8alAemNdvc?redir-setuniq=1&ext-param=AXcoOmTnFHyLX4U0HYsgUeW3-dCGI47V6tG-Cu_PKrmTKi1LQue3kyXC2jDYJcVQGyyv3rTDI9YbVSeSy8ENgLqi3r8UtSfUo_g_&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDM2j_0zkYeNw8alAemNdvc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 301
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpdr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpp_sid=&us_privacy=&gpdr=0
Request Chain 303
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5498199044226996140&gdpr=0
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Request Chain 305
  • https://c1.adform.net/serving/cookie/match?party=29&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1325312571758247641&expiration=1706551106
Request Chain 306
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce73d6e9cdf52605c500lrf89fsl
Request Chain 307
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaVx-rC1Re9XqL1WAOmzmwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Request Chain 325
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=eGESv3llFexjYxW4emBeun1iRrpjbRHpdmCA8jFq
Request Chain 327
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=9739865c-41f0-4758-8d7a-571ced2f6a59&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 328
  • https://ib.adnxs.com/getuid?https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3d5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e%26buid%3d$UID HTTP 302
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=5498199044226996140
Request Chain 329
  • https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e%26buid%3d$UID HTTP 303
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=1325312571758247641
Request Chain 330
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWRoeWd4dVl0STRTcnFPVXFFMkJ2RzFHZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkaHlneHVZdEk0U3JxT1VxRTJCdkcxR2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkaHlneHVZdEk0U3JxT1VxRTJCdkcxR2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkaHlneHVZdEk0U3JxT1VxRTJCdkcxR2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1325312571758247641&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkaHlneHVZdEk0U3JxT1VxRTJCdkcxR2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=edhygxuYtI4SrqOUqE2BvG1Gg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=1632441555638621583&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 332
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&r=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3d89db4e8f-e85b-4f4b-b7a2-65554038c76c%26lwuid%3d5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e%26buid%3d%7BPUB_USER_ID%7D HTTP 302
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=fc2aff31-9c4a-4e3f-a561-5b4152c50304
Request Chain 337
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMxFKNVqU3YiJC2v1rjgbA&google_cver=1&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVwcoMlCWaWVWSCg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVwcoMlCWaWVWSCg&google_hm=H_yVpBZHWQWJzeE7RW-dyeUS
Request Chain 338
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGH8PTXev53_UfbDHqhrSfk&google_cver=1&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhRegvgQt5u_tFRRhrWFkSgKxwmyH2yEPwxwk8qBFnpL0Pje2aA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhRegvgQt5u_tFRRhrWFkSgKxwmyH2yEPwxwk8qBFnpL0Pje2aA
Request Chain 339
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN7m5dKwxqTpu1NpDUXJYBg&google_cver=1&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXWRHUWN5pc_PBbIRcsMFeZ4IQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXWRHUWN5pc_PBbIRcsMFeZ4IQw&google_hm=MTYzMjQ0MTU1NTYzODYyMTU4Mw%3D%3D
Request Chain 345
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Request Chain 348
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ad043c2e-bb10-4580-ae2f-ff79fc664b34&ssp=openx&expires=30&user_group=5&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 349
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=openx&gdpr=0
Request Chain 350
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8_9ArPL7R__o_Uer8f4Mqfb8FKno80P6_f4v8ou3
Request Chain 360
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEClbI721E_lyRt0q_VgM9QM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 362
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D
Request Chain 364
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1848106323789703712951?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yejzvYtE2oQPG44PpdD7y9zgzodZ4RXrPD07TZLkjQ--~A&dongle=0883
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1848106323789703712951&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
Request Chain 366
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92ece2e7-18e6-408e-a1f0-a80829873903&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Request Chain 367
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5498199044226996140&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 375
  • https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5498199044226996140&gdpr=0&gdpr_consent=
Request Chain 380
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU&user_group=1&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 381
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=3762e2b2-c8d2-4517-94a5-8269976efe04
Request Chain 382
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 383
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=nexbIDoOEifh&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 385
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Request Chain 390
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
Request Chain 391
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329529895531335
Request Chain 392
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZaVyAgAOulAd4wBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaVyAgAOulAd4wBU&_test=ZaVyAgAOulAd4wBU
Request Chain 393
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65A572004CAA5CE22765E121BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65A572004CAA5CE22765E121BLIS
Request Chain 394
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHaGMwN0xTdVFBQUJRWnBaMlhhUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGhc07LSuQAABQZpZ2XaQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 400
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Request Chain 401
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=5498199044226996140 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5498199044226996140
Request Chain 402
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=125f1bfd-f835-444f-aebb-fe39c951329f HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=125f1bfd-f835-444f-aebb-fe39c951329f
Request Chain 403
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=0&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZaVx-rC1Re9XqL1WAOmzmwAA&4418
Request Chain 404
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gdpr_consent=null&gdpr=0 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c
Request Chain 405
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=2f78b951-b93d-4f43-ab6c-034930ae719f HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
Request Chain 407
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 410
  • https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEpIiaa11SaoKNVWkSDn&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEpIiaa11SaoKNVWkSDn
Request Chain 415
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3897694967927432154&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 416
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5498199044226996140
Request Chain 418
  • https://dsp-ap.eskimi.com/pixelGet?ex=14&gdpr=0&dest=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539901412%26val%3D%7Bdmp_id%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=58b904e2-0d8c-43c9-8dfb-e1db69915f8b&gdpr=0&gdpr_consent=
Request Chain 419
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=a49e1b87-15a1-4300-80a6-42101368b95b
Request Chain 420
  • https://um.simpli.fi/ox_match/gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=24F7B71C835A4B7AB277CE997168A0F7

418 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request resize
ezgif.com/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:251:590b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
b5b2714d1c077d91ddd332573d305b21bd86a519ba0f3177b93f894e4c103cbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
max-age=21600, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 17:57:15 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
all.css
ezgif.com/css/ 		17 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ezgif.com/css/all.css
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:251:590b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
6004f629a46b665beb343646c65879a5a9f8c05d9db3b94664c04b35a2a0a677

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/resize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:15 GMT
content-encoding
gzip
last-modified
Sun, 14 Jan 2024 15:10:21 GMT
server
nginx
etag
W/"65a3f95d-43e6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 14 Feb 2024 17:57:15 GMT
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4623758
x-jsd-version
0.6.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220053-FRA, cache-bma1674-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFLhl4gX0XQOW%2B3MHCgSG4c7M4duMYteOD09awW4IJh44uzdOwO1iMr4YeZEsQB6aBhRj7Gpl1RGgEgGvhbIfRbxU170YkuIGsLHhHf8FarNaQshC0gawz9oi0NOU8jr6duJe6%2BWV1hZizLYQHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8460000709bc5685-OSL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
664b303922196881921c64236f7f42d005d0aa206f35e2499b4864f0dbab80a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29764
x-xss-protection
0
server
cafe
etag
258 / 19737 / 31080328 / config-hash: 6457213104751266546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:16 GMT
3148
stpd.cloud/saas/ 		516 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/3148
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e5d050b5eb93e68bab974acc92f66a81c6f9b029aa39841711ee81c34fb62d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Mon, 15 Jan 2024 18:17:16 GMT
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 17:57:05 GMT
server
cloudflare
age
11
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
8460000818c756c0-OSL
stpdhash
cache
tag
btloader.com/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5646025299591168&upapi=true
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4fc394c8bd8b1b275243e4f2a83ed011200e02e0c35ec1942f540f82d7dc4c7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 17:13:38 GMT
server
cloudflare
age
2523
etag
"106fefd9b282ec79f6c8960b891b7f3d"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
846000080e1756b7-OSL
content-length
19006
cmp-stub.js
cmp.setupcmp.com/cmp/cmp/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/cmp/cmp-stub.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:406 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
3jfo58Cotbsu8TxBvJOgIw==
age
3257
x-ms-lease-status
unlocked
last-modified
Tue, 28 Nov 2023 10:43:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfUOL8twxwR4l%2FuSDKRGtJMj7tbaux6od2TAwZKlZV7j3fOQDuPdbAfF8LKpb7mJqE4a97B0I6dNkKXfd%2BuGDyIpzN4EJjUxk8VcBGvL0NZwPkplWpjlVXhceaNlY6eMsQNuU5%2FaNsHuG%2BJKZZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
6c904b1f-c01e-0006-54b6-2d40b9000000
access-control-expose-headers
country
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
846000084b504c84-HEL
cmp-v1.js
cmp.setupcmp.com/cmp/cmp/ 		113 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:406 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec33b27f521aa469b8648d182fff1ca281b398927ea04f64fba6937044d9ed21

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
n5WCKfLuainmqGFurlfhhQ==
age
3257
x-ms-lease-status
unlocked
last-modified
Thu, 14 Dec 2023 07:12:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrThPqP24jREhda%2F7oqL8SzBZ8yCUGltvLKvwgd8%2BDlSkldWxscsD%2BBVxKjnk76g5kW2B%2Bju8Qx0ZuA1vWbHMX434ws9B7frY%2BY2skhrL8qs5zDWJn2EUfj%2FuoLRc%2F5EgvRx7YSWDkyFSsBlYl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
1495d41b-a01e-005d-107e-2e7982000000
access-control-expose-headers
country
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
846000084b554c84-HEL
truncated
/ 		45 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
w.png
ezgif.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezgif.com/images/w.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/css/all.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a01:4f8:251:590b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
eb737625065c520f706e862a8c734b60b35fdd73eb0ddb909fc9b8fca074e391

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
last-modified
Mon, 08 Jan 2024 19:45:48 GMT
server
nginx
etag
"659c50ec-11ee"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4590
expires
Wed, 14 Feb 2024 17:57:16 GMT
upload.svg
ezgif.com/images/ 		659 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezgif.com/images/upload.svg
Requested by
Host: ezgif.com
URL: https://ezgif.com/css/all.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a01:4f8:251:590b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
490370127d101b2460b3deeafd009fcd3242559e64046ecdf90b9c12be8599c8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
last-modified
Thu, 25 Nov 2021 07:38:46 GMT
server
nginx
etag
"619f3d86-293"
content-type
image/svg+xml
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
659
expires
Wed, 14 Feb 2024 17:57:16 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1965583
x-guploader-uploadid
ABPtcPrc09kGw6gQXl3m1HKaCKyBVkOPaIUXv1_vTNWtt68Ie11V_ukteKpT-GPKivsIQvLVdgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dl00XIxBAWcY%2FXJC0QQHsaf5mA0PUuER%2BiaWIWBga6d9dMeee47YLOjIcC7uSQk79xtZ0oR7nM9RrkWRaVcqgFDCSNItfBRxvyZkMyE%2BuMsh15A7VQzYug%2BuwWJEcR%2B616QsVRBvHiDR1VZ7iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
846000092ce84e1b-HEL
expires
Sun, 24 Dec 2023 00:19:37 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 22:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:48:00 GMT
px.gif
ad-delivery.net/ 		43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3678312054606876
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1965583
x-guploader-uploadid
ABPtcPrc09kGw6gQXl3m1HKaCKyBVkOPaIUXv1_vTNWtt68Ie11V_ukteKpT-GPKivsIQvLVdgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dumbTQZuVFJrP%2FVEmuhYDYzL5YmcFAHk9QCKzEIa8QDlfC7S2LLAH3Y0iIbnWvmMQVW8pgLu5u9X4NBLFYOtFIzWDgt%2FPfjpsZxdZhkXxnhEvAbeInjlRGU6NSezO4YNTOhqecDizTO%2FcrmJ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
846000092cea4e1b-HEL
expires
Sun, 24 Dec 2023 00:19:37 GMT
391-light.json
cmp.setupcmp.com/cmp/config/ 		119 B
711 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/config/391-light.json
Requested by
Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:406 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d49ae8fb5513116d0f019c5e73e2326eac2d5e3792978cff0ff2f53ec2fe793

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
TVHaXS7NJPdAk0DB03hpKg==
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 06:04:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3USv1brcEDqcHlWvwpSAl1RRCe8NCdCoR9OLfuZAlN7lVZaI2Cw0t6bvjWVG0ck3YQeDJeSgm0XcpG9Qu8W92W%2FVrvw%2FwXZ%2BhyGPBo1n%2BY2r6T41VBr7SY8PmAD%2B3O2ra2g024MBCtQ7SqNbiX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fc727971-f01e-001d-21dc-477eba000000
access-control-expose-headers
country
x-ms-version
2009-09-19
country
NO
cf-ray
84600009687e4c8d-HEL
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/ 		437 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:19:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5856
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140670
x-xss-protection
0
server
cafe
etag
10621281385585276585
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 14 Jan 2025 16:19:40 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=8cGgVfTWNV&w=6372427745984512&o=5646025299591168&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fezgif.com%2Fresize&sid=lAzwgk6jz&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ezgif.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 Jan 2024 17:57:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
261580
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
op.js
tagan.adlightning.com/setupad/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61e5e897a116b6d8c2416a4f1d8b3df0242f19247fa52a1f0fbc27bd31d5d8fd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
4kTOg59EcdpDZmOsUqMD7PnUbhgtf2Aq
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date
Mon, 15 Jan 2024 17:39:13 GMT
x-amz-cf-pop
FRA60-P4
age
1084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7060
x-amz-meta-git_commit
935e2f1
last-modified
Sat, 13 Jan 2024 11:32:41 GMT
server
AmazonS3
etag
"b2e1a0e76216fa455bedc6b1e675b524"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Zn5BTh-vg5tn7OkWoV5lk5_If1g2wTeXW5PbckZM5BpMixcXf2ok1g==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.179.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-179-133.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:56:52 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 e6fa1c9191449608305126abd895ecaa.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MRS52-P5
age
25
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
zSkChtUmo783dfmSHFAetIDAbAcomSM9Xxe3gT8zV9OxC2Nyvrz-vQ==
prebid
id5-sync.com/api/config/ 		135 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&cw=1&lsw=1&gdpr=0
  • https://mug.criteo.com/sid?cpp=qaJs9nxTOXM0SlhWQ25Zb1R1L2krdHBBQkVLQ25aZisxMTJlcm0welRzd2ZKUXUzMlZiTG5mUDhUSEw2YjZiYUI5dXZEbDNYcW83aXJzVUUzUWpMb3dzVGZwcWRCdVBXS2xzeVdIWDNmTTJSZ2RsYWo5RVB5dFhGaVloNi...
357 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qaJs9nxTOXM0SlhWQ25Zb1R1L2krdHBBQkVLQ25aZisxMTJlcm0welRzd2ZKUXUzMlZiTG5mUDhUSEw2YjZiYUI5dXZEbDNYcW83aXJzVUUzUWpMb3dzVGZwcWRCdVBXS2xzeVdIWDNmTTJSZ2RsYWo5RVB5dFhGaVloNitZU2FWMGg5NDg5eHlDbm9wUXg4bGtFVTBYMWxnQy9NVDZnazhWZGlDSW5oL1VaWFRqaGdydXdpZmNQdld3Y2RhWEFsNXRVN1h3ODIrSmdoY0hVUXh0NHRCUnRVdVJaWGgybHBDQlRBeHZUR1MyWlBENldNPXw&cppv=2
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
13f520c00ebaaf005abbdeb0ea193e920c8bfef59aeb7bebd34442061473d018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
604605
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://ezgif.com
location
https://mug.criteo.com/sid?cpp=qaJs9nxTOXM0SlhWQ25Zb1R1L2krdHBBQkVLQ25aZisxMTJlcm0welRzd2ZKUXUzMlZiTG5mUDhUSEw2YjZiYUI5dXZEbDNYcW83aXJzVUUzUWpMb3dzVGZwcWRCdVBXS2xzeVdIWDNmTTJSZ2RsYWo5RVB5dFhGaVloNitZU2FWMGg5NDg5eHlDbm9wUXg4bGtFVTBYMWxnQy9NVDZnazhWZGlDSW5oL1VaWFRqaGdydXdpZmNQdld3Y2RhWEFsNXRVN1h3ODIrSmdoY0hVUXh0NHRCUnRVdVJaWGgybHBDQlRBeHZUR1MyWlBENldNPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
318598
content-length
0
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240115
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fa873458137fd66a27732ec9e5c389951578cc6a7ede6a0248431e1ebfb43c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6981
x-jsd-version
1.0.1936
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21972-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63e-F3w57MifgAmP6p1C474ysf/iQmU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEB2sQR68CxawKaVsKoprTyvROzrwLVe%2BCXkbapH2rZOi%2FpR3gvRlsfZRGgzxOyQgV52NEyEtsk0Q7Ll9LOuxk%2FxwZOzlqy7kzUfRnxHRLk3kcOyIWCkM8sIQP9g6%2FytuxXfdbDWAuSHiFRen40%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8460000b4d03b4f9-OSL
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1593749
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxM0BPSoSJBmZ8lvWabPACapQ08a4S8fqL63GmNW0oBAZams%2BcPwA7ak7QiPVdZfjszoAHnUKJwa2Ei%2BsUNq2T9yMz8my%2FwKYfE8lMzNWO9GyFpQmTjOf9R2u4g4LFYBzcO%2FSn07fsSVZ9HI"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8460000d6bfc1d06-CPH
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
Z2VZ0AA1PJJRQB86
age
1440
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8460000baa8e712a-OSL
x-amz-id-2
U2rw51WvjfNmN5vn+kyUpCfwIBwzW6iw/VgDjiHnVqvsAxilJIHop2CoJL6M03Y8Hr7PFpXRjfE=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6799
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-bma1678-BMA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz%2Fjucm36j9aezzdhzCc%2BiXngBX5y0bMx6FsIaicEdr16wFHW4CjTDDkIOxFOTiEgVw2nOs8%2Fubd4Ouh3FoKZqM2EcVHPkhOGwSdD7NYMoBtzOQcvswLDjVkzIaFI74NUv8Zw5cNB1V36YnDeiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8460000b19945685-OSL
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
efe3d614f4650c719d03f05752efa32e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Jan 2024 17:57:16 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Mon, 15 Jan 2024 09:17:41 GMT
Via
1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
31176
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
ufIDUNkIwujOGDU6ZF-ebedkcC11fHmrrMQyYZGYWVHWw_yGex8zhA==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
44404
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
zz572GHr5hI6_pxxVvTze72PkjztyrB_y753cYObJf7JqVsP9ljL5g==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:38:00 GMT
content-encoding
gzip
age
238756
x-guploader-uploadid
ABPtcPo18VmQz41M3qUGqTNkWpded7OwNJw0GjT3v8UyI_x9ng1Dcb7wZr7uxKnd-hsXudZanqMq_pk0Zg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 11 Jan 2025 23:38:00 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:59:49 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
3448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
xnAV-ueMmDFWr0rO4YAJw8MRKBj-Q4nBQXll5xPJmIf_TJucbocLvA==
cookie_sync
prebid-stag.setupad.net/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eaade8a743abfb485ffe5f9b8a1b0399614fb92284eb5439e42886e0761cdb1

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mugt8wYORgjvUCSGGVfSuYwo8YEWecEhm4bsV0vcHN9TCyF3y77ikyOHyRwS5fluA6rgE3cDOyi3%2FkN%2FFIEWKf8qInDGOFcHsAFfFqknBqXG%2FlMIVzo7w24lfLkhwLgC66PvQnqi8GBe"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8460000c09d156c6-OSL
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
87e16d2d6e3c836493cc8aca5fbb2f55c140a07bfb0ff2a9bc7425d42cd3e197

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Jan 2024 17:57:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ezgif.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
433cf2eee345703953bc345e124303126e22c0d491dee78d088df92d24532861

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2105351e834119dcaa072974baaae3975f636cbb2619c466fb612af01c96c279

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d518ca0f9654ae293dea7463ea9eff24ec9fc04f66d0d9af59bd497920235617

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fc56acc9f58e078d6b386029ebb12a9555e83e5a8d4c16976a28e145eb33291c

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		495 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
97ce414bf04f8d3b1cbc25b7643625c954e7403f2d923a8fd7c2991a9552bae3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
an-x-request-uuid
e88a0821-f2c2-4766-9ca3-b7d2e770b156
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
495
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=321807
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef21a7ecb523072d65d5d653f70a31a17f779403d863ca6f317cb15a7b06490

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPmUbLg0MwLpWhKcYR%2FB8hjfO3jCWPmw3vANOORJum%2BWowfjsmYGxAneI5nwP%2FCU4Nhc5IX5Bcde9ex8L9KCZnGVPWfwKMbj2wb%2FOXk5v6FiZqkYaN77hcsYyT7BI0jIceLIscXz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8460000c1bce56a9-OSL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e4830db81d44f21f3fd7589c56fff1dcc4fb917affb4a8aa0a71f4d0b8f6c1df

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
mp.4dex.io/ 		64 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27414876349712983df81fb135ebf1c414976dde4a0e75d658e69f9dde06728

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 15 Jan 2024 17:57:16 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: ezgif_com_728x90_middle_responsive, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: ezgif_com_728x90_top_responsive
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8460000c282fb503-OSL
expires
0
v1
btlr.sharethrough.com/universal/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ad
lwadm.com/ 		2 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lwadm.com/ad
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
86aa467317b27a01b7aaece3f8bf59634ded800a9a6bcfbfcf28e6079e03a437

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
hb-multi
hb.yellowblue.io/ 		85 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.115.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-20.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
60a7c0a991f3e79413e8a915f5803562fc0490e6cac0d1af75f1815e625242ac

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://ezgif.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
auction
tlx.3lift.com/header/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Fezgif.com%2Fresize&tmax=1000&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.109.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-109-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=8801827424&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		651 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1134632%3B1134626%3B1610166%3B1610166&size_id=2%3B2%3B15%3B15&alt_size_ids=1%3B%3B9%2C10%2C48%3B9%2C10%2C48&gdpr=0&rp_schain=1.0,1!setupad.com,158,1,,,&rf=https%3A%2F%2Fezgif.com%2Fresize&tg_i.domain=ezgif.com&tg_i.page=https%3A%2F%2Fezgif.com%2Fresize&tk_flint=pbjs_lite_v7.54.0&x_source.tid=a577dbfb-8519-489c-95fb-ae11738779fe%3Bd09fc562-d60e-4215-ba67-37c4b7030409%3B9a1f5754-819d-4686-ba0d-841508e917d7%3B1a85143f-1c83-48b7-ad20-3d3c9357b78b&l_pb_bid_id=122bda5787367f56%3B12361439eda3b97f%3B124bfb5fac6a6e4%3B12573d1192b7b3aa&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a577dbfb-8519-489c-95fb-ae11738779fe%3Bd09fc562-d60e-4215-ba67-37c4b7030409%3B9a1f5754-819d-4686-ba0d-841508e917d7%3B1a85143f-1c83-48b7-ad20-3d3c9357b78b&rp_maxbids=1&slots=4&rand=0.6068818258352175
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9b67c725ada249dd6e34571e4feb9b914d39a28356c376107b6ec07bc835c27b

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
server
envoy
vary
origin, Accept-Encoding
hb
rt.marphezis.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
increment
id5-sync.com/api/esp/ 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp&cc=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e543eefd74772c24cb757bfecd6dc37f4d5c5dcb24858d91d72fbc891cf5d11d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-rq1xHS07EAGF+bSMyi7u/wiTBFE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 15 Jan 2024 17:57:16 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://ezgif.com
location
/esp?url=https%3A%2F%2Fezgif.com%2Fresize&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
4686a917704d0e517dfe1c74138f2ebf2359b04d65570d55f566ca441a0c5590
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:07:14 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
FRA60-P4
age
4211403
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3tBkPXlXtsTAPQ-qnazw2tHV5ERE9ip-gl8sb4FdCEJ8OOvOkRFElw==
bl-250cc79-7b57fac3.js
tagan.adlightning.com/setupad/ 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-250cc79-7b57fac3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44774be891c56e74c47471b718cc0846c3549496c82a9cda4ec4b47ccc325e35

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 11:37:57 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
bz.LJTOiikJkrZ_405ltiH2k3k8xaB9c
x-amz-cf-pop
FRA60-P4
age
195560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31148
x-amz-meta-git_commit
250cc79
last-modified
Sat, 13 Jan 2024 11:32:21 GMT
server
AmazonS3
etag
"a196e933fbe3bbafc363249ab99fcd33"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zoHA7KRzGlfAFMb0rw7kuZ-1_iWxXzQSonT7NpbNrkTgSaJE0eEQHA==
map
bcp.crwdcntrl.net/6/ 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.29.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-29-7.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0a301f1f7c6a44809d4c4d29d527211afca4d3cd5aafa9035e859c1fb126d6fc

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ezgif.com
cache-control
no-cache
x-server
10.45.19.186
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame D16F 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ezgif.com&gdpr=0&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:16 GMT
server
Kestrel
server-processing-duration-in-ticks
402825
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame EC4E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
1 KB
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4461d390ea72aac9e612f5190279550e883baf8f310b8ee9b9d0c8c1f5b319a6

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Mon, 15 Jan 2024 17:57:17 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 15 Jan 2024 17:57:17 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&gdpr=false&v=1&url=https%3A%2F%2Fezgif.com%2Fresize
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://ezgif.com
content-type
application/json
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qaJs9nxTOXM0SlhWQ25Zb1R1L2krdHBBQkVLQ25aZisxMTJlcm0welRzd2ZKUXUzMlZiTG5mUDhUSEw2YjZiYUI5dXZEbDNYcW83aXJzVUUzUWpMb3dzVGZwcWRCdVBXS2xzeVdIWDNmTTJSZ2RsYWo5RVB5dFhGaVloNitZU2FWMGg5NDg5eHlDbm9wUXg4bGtFVTBYMWxnQy9NVDZnazhWZGlDSW5oL1VaWFRqaGdydXdpZmNQdld3Y2RhWEFsNXRVN1h3ODIrSmdoY0hVUXh0NHRCUnRVdVJaWGgybHBDQlRBeHZUR1MyWlBENldNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
197330
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
481.json
id5-sync.com/g/v2/ 		251 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
44c62872d67e91415d562db69e868bb87f622a773f457f41f802b35b24c7d354
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ 		564 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
14c0549120ebd90e7f7db3f13cb47dacb1c741c196885c31a0812f42cf41339f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:03:01 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
LtuJeZrCuzL_QxHHofJk0Edvj-veAUmGKwY2BbgzHK73LJkwO9nhRQ==
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fezgif.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.179.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-179-133.mrs52.r.cloudfront.net
Software
Server /
Resource Hash
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 14:23:56 GMT
via
1.1 e6fa1c9191449608305126abd895ecaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MRS52-P5
age
12800
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ezgif.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3623
x-amz-cf-id
Ds24CEu9ECl4DFDUUb8Mp5iW_QTM7c4uSAVLogNPnTP6xLe9ZRoEzg==
bid
aax.amazon-adsystem.com/e/dtb/ 		264 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2Fresize&pid=MWWDZPbq54pSg&cb=0&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22ezgif_com_728x90_middle_responsive%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_728x90_desktop_middle%22%7D%2C%7B%22sd%22%3A%22ezgif_com_728x90_top_responsive%22%2C%22s%22%3A%5B%22728x90%22%2C%22460x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_728x90_desktop_top%22%7D%2C%7B%22sd%22%3A%22ezgif_com_300x600_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_2%22%7D%2C%7B%22sd%22%3A%22ezgif_com_300x600_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!setupad.com%2C158%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d66009f5a56d394f018691959e8ff472b757957713d287c56e29e643410edabf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
NWYFRZ2YNHP2K1SKY721
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
264
x-amz-cf-id
Bu8We8Pm0rgUeK9Ev0KZkjoodg5xQMSkjZoI0obmFs6mskP_rT1xLQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.179.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-179-133.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 9a4d537074b1ff7bc00147aaa0a55f82.cloudfront.net (CloudFront)
date
Mon, 15 Jan 2024 08:42:54 GMT
x-amz-cf-pop
MRS52-P5
age
33296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
IjIE03Jnt6cgC0nnXEjnjjI92YjL0s2rXxWHYAWYhnMBYGMN_o5OCA==
sid
mug.criteo.com/ Frame D16F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ezgif.com&sn=ChromeSyncframe&so=0&topUrl=ezgif.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=o8TwSXxESkZ5UkYrMHdsQXZROWROdTBkREhDeWgra1N4SWxJN05ZUUpmM29sNS8vdkQxemJxWGlFRTNTTVFKQlNSVytUWWpNeU8xb21FVWRYTmhsVmZtdU5UZ1hzYXdrcFo3TFRNSGxPa29xazFvMko2REVjVzVESFVid0...
423 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=o8TwSXxESkZ5UkYrMHdsQXZROWROdTBkREhDeWgra1N4SWxJN05ZUUpmM29sNS8vdkQxemJxWGlFRTNTTVFKQlNSVytUWWpNeU8xb21FVWRYTmhsVmZtdU5UZ1hzYXdrcFo3TFRNSGxPa29xazFvMko2REVjVzVESFVid040NGt4SUhPaXYzTDQ5Q2NXQms0QnNMK3JqWGJKS1drYVQ5ZnIzck1QZklYSk84cm5rcVdJZVg4ZkNFZDRDL1hYUGpUa055VjNwQ1NHS2wyL3RVUGp5bjczRlRFdWxsa1RXTjhNdmsrR1dKWlNZazRhdlNtNng4RG9SSWQ3OWRRWFQ0ODV3M0FMR0djVGh0R2hUUWpzbDNZOXdlVFpydz09fA&cppv=2
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e03da011f39a1f7bb67b68ef630b7b7c0cc35cf127b9988b7844a4da1dacd6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1319884
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=o8TwSXxESkZ5UkYrMHdsQXZROWROdTBkREhDeWgra1N4SWxJN05ZUUpmM29sNS8vdkQxemJxWGlFRTNTTVFKQlNSVytUWWpNeU8xb21FVWRYTmhsVmZtdU5UZ1hzYXdrcFo3TFRNSGxPa29xazFvMko2REVjVzVESFVid040NGt4SUhPaXYzTDQ5Q2NXQms0QnNMK3JqWGJKS1drYVQ5ZnIzck1QZklYSk84cm5rcVdJZVg4ZkNFZDRDL1hYUGpUa055VjNwQ1NHS2wyL3RVUGp5bjczRlRFdWxsa1RXTjhNdmsrR1dKWlNZazRhdlNtNng4RG9SSWQ3OWRRWFQ0ODV3M0FMR0djVGh0R2hUUWpzbDNZOXdlVFpydz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
225212
content-length
0
expires
0
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1484565
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44cuQY6WAfyR7ssnS0DP6bnYU2w1o17PmqhPX6O99OvZOk35Nh8PLcio0B33okuCREdrI2gbk38nq2lBvIM%2FVsO3N26rXfG9Hdm1GBkeeBF053%2FOehAD%2BHRGU71qNNIyf6TF%2BcBR8t1Garjm"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84600010e8b45288-LHR
um
u-ams03.e-planning.net/ Frame EC4E
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D64997698ad5b31b1%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=64997698ad5b31b1&uid=4cc43bb9-d7a1-4440-ab6b-aa41b31e8b82
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=64997698ad5b31b1&uid=4cc43bb9-d7a1-4440-ab6b-aa41b31e8b82
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 17:57:17 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-104
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=64997698ad5b31b1&uid=4cc43bb9-d7a1-4440-ab6b-aa41b31e8b82
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame EC4E 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D64997698ad5b31b1%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame EC4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D64997698ad5b31b1%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D64997698ad5b31b1%2526uid%253D%2524UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=64997698ad5b31b1&uid=5498199044226996140
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=64997698ad5b31b1&uid=5498199044226996140
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 17:57:17 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
an-x-request-uuid
37e76904-9b00-4911-8ac8-2ea0e0c69a9d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=64997698ad5b31b1&uid=5498199044226996140
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame EC4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.159.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
um
sync.e-planning.net/ Frame EC4E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705341437344
  • https://ad.turn.com/r/cs?pid=45&rndcb=7860152623
  • https://sync.1rx.io/usersync/turn/3897694967927432154?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 17:57:17 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003&dc=fc741bbdfeedcd57&iss=1
date
Mon, 15 Jan 2024 17:57:17 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6e6f60e835a040b1a582c5da107844cb003
content-type
text/html
15581
rtb.gumgum.com/usync/ Frame 7A2F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.148.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-148-20.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d9fda10530e0acec820b91e741136ff6ba5d24dc74a37220a8236a254a04fb2

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 Jan 2024 17:57:17 GMT
etag
W/"0383f787784ad4d2572f119c1f1f83432"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A781 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D64997698ad5b31b1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172223
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
prebid-stag.setupad.net/ Frame 59CE 		0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/setuid?bidder=eplanning&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=AGBpJE%2fUlC%2fuyZTt
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8460000e9f2856c6-OSL
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc7JO2Ec79zXa%2Fi91fkjwc5ed79ZGtE95yyqNCPZjF4IHrJ8jL0WTLo1UPxIJRWjoMejunyDaaysmf5vn%2BVz03hp9rIlmUGb7JZnaXZ4ADKmeM69shey24thOmavyeTV4Y%2Fw%2BGeFv2Pj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 15 Jan 2024 18:12:17 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 02:12:54 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
56664
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ugvl-wJP_azdH5Kxs5J97acJt92lLhPzyPamfhfqiUHIreI11JdZkA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fezgif.com%2Fresize&ref=&_it=amazon&partner_id=533
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01C975WVAA3JDKHJ
age
5174
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8460000f4edd712b-OSL
x-amz-id-2
hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
6XY7VN7YSPXNABH2
age
1449
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8460000ec989712a-OSL
x-amz-id-2
z3/xhLoX0lJmAWMuOVqJLNGUiNuO3IHe5E4qpnaT17wXYxA21XUn+pyGOSPcGQ+V+qJjkI81GbQ=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 15 Jan 2024 18:12:17 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 1D11 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 15 Jan 2024 17:57:17 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.29.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-29-7.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d59823011623cf1f81ad963e70a691069c3ffc58c0ed9d31fedbf6f79605e48d

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ezgif.com
cache-control
no-cache
x-server
10.45.9.141
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ 		94 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=ezgif.com&url=https://ezgif.com/resize
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fezgif.com%2Fresize&ref=&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de63788976a6a3b3b75906d3cec42bcb25260d71199ab4826562c95e6db369f

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
846000111caf5693-OSL
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=ezgif.com&url=https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ezgif.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
846000103af05693-OSL
content-length
0
content-type
application/json
date
Mon, 15 Jan 2024 17:57:17 GMT
debug
OPTIONS block
expires
Tue, 14 Jan 2025 17:57:17 GMT
server
cloudflare
PugMaster
image6.pubmatic.com/AdServer/ Frame A781 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52079815&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:16 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
an-x-request-uuid
ad42cd54-79fe-491a-b3dc-6b7eac458030
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1325312571758247641&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 15 Jan 2024 17:57:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 7A2F 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Date
Mon, 15 Jan 2024 17:57:17 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 7A2F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:3295:f713:9e96:927c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Date
Mon, 15 Jan 2024 17:57:17 GMT
Connection
keep-alive
X-CI-RTID
a9d92a56-5b4b-4830-ad63-a36915335b6f
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 7A2F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame 7A2F 		0
0
usersync
rtb.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=nexbIDoOEifh&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=nexbIDoOEifh&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Server
54.154.148.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-148-20.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
no-NO
location
https://rtb.gumgum.com/usersync?b=pln&i=nexbIDoOEifh&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-2fvgp
expires
-1
usersync
usersync.gumgum.com/ Frame 7A2F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
date
Mon, 15 Jan 2024 17:57:17 GMT
content-length
0
um
sync.e-planning.net/ Frame 7A2F 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=64997698ad5b31b1&uid=e_2e6b5195-7336-4572-839a-b7fc5c71c798
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 17:57:17 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 66B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=115044796224764342&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=115044796224764342&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=115044796224764342&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 488E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
435
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7819 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172223
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame A61E 		70 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 15 Jan 2024 17:57:17 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame CB70
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-sCo8YQAAAw9fLgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-sCo8YQAAAw9fLgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 17:57:18 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-sCo8YQAAAw9fLgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad400.dc4p.scaleout.jp
X-SO-IP
178.255.148.165
X-SO-Key
ZaVx-sCo8YQAAAw9fLgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZaVx-sCo8YQAAAw9fLgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad400"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad400
usersync
usersync.gumgum.com/ Frame 5712
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 15 Jan 2024 17:57:17 GMT Mon, 15 Jan 2024 17:57:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5075
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D64997698ad5b31b1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 17:57:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 17:57:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 15 Jan 2024 18:12:17 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 15 Jan 2024 18:27:17 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 8563
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-...
434 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
89f04c750cd4ab9fbf62bdbda5bb0a13491ed743708400e5db579a78f85d0d6e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
434
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 Jan 2024 17:57:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0JCFB1PE41M1EQAQVG0X

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 17:57:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XNAP20SGNB1T33TMSTVH
g_pbto
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1705341437706&eid=1446fead9fd0155d
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.158.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-158-231.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		132 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803986539947248&correlator=47308414472220&eid=31079956%2C31080255%2C31080441%2C31080328&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_728x90_desktop_top%2Cezgif.com_300x600_1%2Cezgif.com_300x600_2%2Cezgif.com_728x90_desktop_middle&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C460x60%7C468x60%2C300x250%7C300x600%7C300x300%7C160x600%2C300x250%7C300x600%7C300x300%7C160x600%2C728x90%7C468x60&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705341437717&lmt=1705341437&adxs=762%2C126%2C126%2C456&adys=28%2C189%2C810%2C883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&tos=~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2Fresize&vis=1&psz=728x-1%7C300x-1%7C300x-1%7C1018x-1&msz=728x-1%7C300x-1%7C300x-1%7C728x-1&fws=0%2C0%2C0%2C4&ohw=0%2C0%2C0%2C1018&ga_vid=789926922.1705341438&ga_sid=1705341438&ga_hid=1536378157&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY4IWV8tAxSABSAghkEhkKCnB1YmNpZC5vcmcYxYaV8tAxSABSAghqEhgKCXlhaG9vLmNvbRj7h5Xy0DFIAFICCG8SFwoIcnRiaG91c2UYu4eV8tAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOCFlfLQMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llRkZ2U25nMmEyeFJNVEpoVG1kMU1ERmtTMEUzZHowOUluMD0Y34qV8tAxSAASGQoKdWlkYXBpLmNvbRjghZXy0DFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLmHlfLQMUgAUgIIag..&dlt=1705341435908&idt=698&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2542854772%2C543920996%2C1294909727%2C2638066804&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c853c08095e97fe82b720c113f308201e0071c3ab557f67746f3dbc305a02b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28490
x-xss-protection
0
google-lineitem-id
6414731445,-1,6414738675,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455454016,-1,138454930598,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0102 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Tue, 14 Jan 2025 17:57:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Jan 2024 17:57:17 GMT
533
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361c3fe3c11a0fa81580e46d1b6928419bc5871c9416167baab060c0d341934d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 17:57:13 GMT
server
cloudflare
age
4
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8460001299a6568d-OSL
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Jan 2024 17:57:18 GMT
usync.js
eus.rubiconproject.com/ Frame 5075 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39172
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:50:09 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Mon, 15 Jan 2024 18:12:17 GMT
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_c...
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1632441555638621583
86 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1632441555638621583
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fNxs%2F7gk7hennQwDZNCsGZF%2F6uK9GfNn%2FvjsPuWdKEEkg2Ndhc%2BGqcDPo2e7fzU6Jha%2BArl95UHv4xshUFCN6jqmtw6G8%2Fwty3JkNi02E7QzZheNn90%2Ff19Gdvhmd2DIdmL3DVgANXB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
84600016280a56c6-OSL
content-length
86
expires
0

Redirect headers

location
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1632441555638621583
date
Mon, 15 Jan 2024 17:57:17 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame 5075 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ Frame 711E 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:07:14 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
FRA60-P4
age
4211405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DPU0vzG-x0iHzM5l7pCItFFoIUUoZ2nqIbf5sXseJ_FCGuPUqYN-jw==
2779444486187304470
tpc.googlesyndication.com/simgad/ Frame 711E 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2779444486187304470
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cb7d14099073c15f077595ce8e7305944aadb3f96fe6bddb253e93159b3ba02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 10:04:07 GMT
date
Tue, 09 Jan 2024 10:04:07 GMT
x-content-type-options
nosniff
age
546791
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64282
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 09:51:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 711E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:26:25 GMT
l
www.google.com/ads/measurement/ Frame 711E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvMOOGrnNqrbYpA0p7D_mmBaorz8kY-35WqlNgs_6lS-E6uysHPvAKZH2M0qsDqWUCAk62YmtTq3Ag0CfQDRx9gsdzGg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 711E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:18 GMT
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
container.html
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A12C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Tue, 14 Jan 2025 17:57:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ Frame 54FD 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:07:14 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
FRA60-P4
age
4211405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
czB16m1FENbW85H9ePtfoMCR8wI3yF_SkwxXlypta18ojMMVkSFaAQ==
350038708254257973
tpc.googlesyndication.com/simgad/ Frame 54FD 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/350038708254257973
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1afda4e5ec51de511946228d2ff2f6ed95fd06cf8111b6025ab545bd7837c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 04:51:18 GMT
date
Tue, 09 Jan 2024 04:51:18 GMT
x-content-type-options
nosniff
age
565560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162450
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 10:21:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 54FD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:26:25 GMT
l
www.google.com/ads/measurement/ Frame 54FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFRUKG3LWe-RecW0-g1jYZQXqfq2su3chbNkULvV_sQMYMBIxg9VzaDAeg9WPmrc33MewwLe6mit_Cqg5swrdutGlyWg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 54FD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:18 GMT
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
4686a917704d0e517dfe1c74138f2ebf2359b04d65570d55f566ca441a0c5590
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
bid
aax.amazon-adsystem.com/e/dtb/ 		264 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2Fresize&pid=MWWDZPbq54pSg&cb=1&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22ezgif_com_728x90_middle_responsive%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_728x90_desktop_middle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!setupad.com%2C158%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%220%22%2C%22pubcommon%22%3A%225b7c26e3-7b76-48cc-82bb-d00f99f6dc7e%22%2C%22audigent%22%3A%2206067chgl686bgb9l6g69b9b6a6ecfibjl902isq0040gqg600q06g6g0e0miougw%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
ea72d881287433899ca7ef3154c0acf7786c7d7b8de521679ce4414b9a0b47aa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
T4W6WG2F7VPTJ0FQ2TSS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
264
x-amz-cf-id
hFoRM4RftCh8Rjo2hFiGA-9VLoK6IhfZsBXY6Sqd8DG6dt1_OQvgnA==
auction
prebid-stag.setupad.net/openrtb2/ 		417 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707009ebd075843a10654a31e762b04823c8a284b4db20c3136fdacad35b4546

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.259.0
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g85G4%2BCqy8z8u%2BPCvYlF3OcQxdWFN%2FL7Ox1dczn9eeGMqMWopkoZwc%2FHQdFNcRvhcbHSUrVBVYnXzjng8fgJzO7bJEhDjvwCBbOumNUy1wlO0Sj0nvlxG4xTO%2BWR80f81RQlviyI9EqL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84600016fad156c6-OSL
expires
0
prebid
mp.4dex.io/ 		64 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27414876349712983df81fb135ebf1c414976dde4a0e75d658e69f9dde06728

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 15 Jan 2024 17:57:18 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: ezgif_com_728x90_middle_responsive
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846000170c79b503-OSL
expires
0
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=36&wv=7.54.0&bundle=Jdzacl9zOTk0Sjl5S1JvR2UxOUt3Q3pkamVlalFVNElSenI0cTk1bUpnNHVYNHA0bWIlMkJiVVpHZnQ3cXJRZTF1UjdodXJGMmttdEVLNlRWUTNOTkFUcUtONTYxa0Z3VTFHWjViUXRsbmQyN0FCMnNBZnJIZnpVOURGdUZBdlk4TEdqMWJKbXJUMEtya2FUZXZXUGtlRnBzVE00ZyUzRCUzRA&cb=31159678382
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c341e3b617ce3817b7fd4594439fe79c3670a664ef6593eb45ac89f8ea8ab160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
tlx.3lift.com/header/ 		19 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Fezgif.com%2Fresize&tmax=2000&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.109.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-109-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
accept-ch
sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-multi
hb.yellowblue.io/ 		85 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.115.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-20.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dba94ce0bf3ae84f4ffd077c9b2837406696029c4eb4cf2f96b167457046047f

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://ezgif.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
747411abbe7d509e2efa5eaf329ca51af21c78d55bf56c92e3676726fe7f68c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
an-x-request-uuid
cb8e3125-3218-48a3-af9e-c8cbe83f4ccf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ 		25 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
243ed9d04bf5e8260623fe86d0f1ee1c2e9636c94092fc60af190273f54cd8f8

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Jan 2024 17:57:18 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ezgif.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
ad
lwadm.com/ 		613 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lwadm.com/ad
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a28eb32e6fa8bdd93165a7248a090b2cd79f68df7f96c7b86ccf002da23ea92c

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		0
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=321807
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5beff48c3e7ba95facb73df023f25aa3ae9ac86b7d1ec3ae1cffce9c38f19a6e

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S17hGXhbPIGUpjPjAHMSaBVt8LDLPJ%2BndaL2fDqbFymxZc2m1SGAaXqynfDzcrUkm9378%2FtLE2PEI6sQdDRsy0KK8ZIECNAQU4NzKZES%2BUba41RrACpPCChUTRTRH%2BYTHk9TE0wV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846000171ab756a9-OSL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		316 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1134632&size_id=2&alt_size_ids=1&gdpr=0&rp_schain=1.0,1!setupad.com,158,1,,,&eid_id5-sync.com=0%5E1%5E&eid_criteo.com=CF3hjl9GRzRRN0xSTyUyRlk5aVYlMkJoWUFuYXlWbjhMSFklMkJFVGxvSE5EV1lJY2tpNXpIdTlJNlZQY1JxQjZibDNicGhMWmJRNTNHSHFTb0dOZlc1WGo4NzJaanhOQSUzRCUzRA%5E1&rf=https%3A%2F%2Fezgif.com%2Fresize&tg_i.domain=ezgif.com&tg_i.page=https%3A%2F%2Fezgif.com%2Fresize&tk_flint=pbjs_lite_v7.54.0&x_source.tid=2ea1bb6f-e7b5-4719-a784-d98bc7994647&l_pb_bid_id=1927a4f5768eeca6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2ea1bb6f-e7b5-4719-a784-d98bc7994647&rp_maxbids=1&slots=1&rand=0.8016030704988111
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29f9f0905cba1e46be98c773f3b3034fe61eb50c352945a8297d227314c64743

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
316
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
87ffd0c70b8d940c922a0106649b0327bb601eaa353b44e53d29069a9377659f

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rt.marphezis.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
92da394ece2be5a561fb5ae2d3d175269c29ebb089fce1c88dfbcfc4030e7b20

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 3D6C 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e4752360b99e45da59742aea69b7a6999f4878e460df21f0c4182d2c6bfe62e0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5408
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 Jan 2024 17:57:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HMCAWBWJ5F0YKDR0S91Z
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dmedianet%26gdp...
  • https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TADcXfD1iYnSt%2BdngSHrrsNH8OIXypWNDQqoXcP%2Bwjj8p0StddSZH4x2l1MIv0oMdw6x5GxwoNGEmi1tWNBSmv83QHEbRdc7nCbdbXMRBHbh%2BpDwNha9fsYo08Q5zOUo7GWUJKpWXuD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
84600018ff7e56c6-OSL
content-length
86
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 15 Jan 2024 17:57:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 15 Jan 2024 17:57:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 711E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5SuZxuEjrJ5RQGVcOYubu9cicuKuqnHpdfVh72WPK1yGIlbzxgwdhP7EK3d5gptRNUZIpA5YT8Y1lg_bCw5thP3hJz9Xytu-zWkWeslmAzZgZcBoYA1EY7zg8qG1ytb5IMfiOsCwBBWrF20Jrw7i1DI_c1CP0zm1SBOvzrHLF2nSN58NqCk_EEZHqA1fc_KHAkvQleR5EWmveFAM1ZO-rMr-yfyvqk0zfXA-GD8ZXQArH7W9ngPVeoSDA-P34Fgbz3Ow95LHq4HfrOV8PSBeEsIRo21OvPFA7p7xzCouuDD_3UZdZIJcsGDbdQ9Vrn30oIWsadPx1cIvQp75l0y_KX-VetknRXCmBYWpCeys7iSdqurB4z840UFsdrDG11q7PG04yLx0gp5DVwsmzd-VpB64eLjayA7nvVLOaFmc4T68Rgc_J9F8XeQ&sai=AMfl-YRYd8-7Qf35jlwKCCo5JW2b01tRWjasfSHIvkiDePpoRMBWUqTnOWWxgeoFSA88bIwQMthlL1Jspj1OIetk5UjzwrG7LQsmaE5JUM3teHlAjOjRo9C0EvQ_Y9uSccM&sig=Cg0ArKJSzOT4QqPU3aFMEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 711E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dd750a21e87d257c684b6dc6efe45d7171386fc4e61bcd7816ae2fb12b6558d

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
bl-250cc79-7b57fac3.js
tagan.adlightning.com/setupad/ Frame A12C 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-250cc79-7b57fac3.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44774be891c56e74c47471b718cc0846c3549496c82a9cda4ec4b47ccc325e35

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 11:37:57 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
bz.LJTOiikJkrZ_405ltiH2k3k8xaB9c
x-amz-cf-pop
FRA60-P4
age
195562
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31148
x-amz-meta-git_commit
250cc79
last-modified
Sat, 13 Jan 2024 11:32:21 GMT
server
AmazonS3
etag
"a196e933fbe3bbafc363249ab99fcd33"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OI7WoBCc-t-BiTZ-EuEJQSVY-QjFnrh_VAMgSl4SpOtHIHAxFMGifw==
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ Frame A12C 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:07:14 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
FRA60-P4
age
4211405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WJRM9AqOldW4DU27OTKvPVfV9zks2790lTXCDcyYC6k55qiwOqIyNA==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A12C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:26:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A12C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
81427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame A12C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToMquKUzp0HEU0M2nPdOenEW1ddUQhwvsHuHu1ojHTAUa5DDps1EkuxutdVO_OhiXOmBikgUXY2HYt3DcydNOmTu-peQ
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A12C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
268392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Jan 2025 15:24:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A12C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:18 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		448 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b3ec5fbc3c013156f1fc01e274f6952afdfbb21f7dfc1843736f9a17555d503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ezgif.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
generic
match.adsrvr.org/track/cmf/ Frame 3D6C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=536513027
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=536513027
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:18 GMT
etag
RX6e6f60e835a040b1a582c5da107844cb003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=536513027
cache-control
no-store, no-cache, must-revalidate
expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D6C
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D&gdpr=0
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=azerion.com&id=fc2aff31-9c4a-4e3f-a561-5b4152c50304&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=azerion.com&id=fc2aff31-9c4a-4e3f-a561-5b4152c50304&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
96BERS58FV97BP5C335F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=azerion.com&id=fc2aff31-9c4a-4e3f-a561-5b4152c50304&gdpr=0
access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D6C
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3483430399418141000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3483430399418141000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KXYM8Y4KYX0KQ04FG965
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3483430399418141000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 15 Jan 2024 17:57:19 GMT
ecm3
s.amazon-adsystem.com/ Frame 3D6C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAGhc07LSuQAABQZpZ2XaQ&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAGhc07LSuQAABQZpZ2XaQ&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NQFTZYC5Z6A0N2RNQRW6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAGhc07LSuQAABQZpZ2XaQ&ex=beeswax.com
Date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D6C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=9c2c41f135
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=9c2c41f135
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FTKATRGZ5E730V0JN4XV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 17:56:44 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
35
x-cache
Hit from cloudfront
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=9c2c41f135
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mKddFgcisZOQexJ9ab6phaURcou98uBMKKGGZmMF9BTQLNsxv4GaCw==
/
onetag-sys.com/match/ Frame 3D6C 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D6C
Redirect Chain
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d6e9cdf52605c500lrf89fsl
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d6e9cdf52605c500lrf89fsl
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GS3K1KW24NY6EXJ38SE8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 17:57:19 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d6e9cdf52605c500lrf89fsl
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
b1sync.zemanta.com/usersync/amazon_tam/ Frame 3D6C 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 54FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCEf-zhOliWU6_aJwMIE4S9b2owxBwokFrdPOBsqT1Z4nVrZJWHYxwcX8HKZgZCC0o8-_KMrRLmGvbB5MNc6egfp29oVp5_jnd5PgqaFduCMytJnqjjdFua7EbRQS3YIUcUTp7J-x9gaRfyAVRJf3BOyfxOfiILbDLsE-X6JVUGxwFXkZaVyK1T_usFXJJWL9ARFJBAnTNMb24vBc0xaNogjmEfzz9cHy40uwq7Kyx8EiJb29-Oq3WWpibj-nZr8bQh1FHX-mNeU-zMb2Be1u1sHZptIlGCu8JS7ZKfq5KlePzEGndVTgL__6gfjfrh_yyIazkG4XxXVRcEGEFdJUf44lAxkpqVm_hy4dT2o2EziYBueaKoA4QRYWGOxSYMz1UWgV5dRjmfNb0blfpcnWdg6wuh8Jypqj78QVgZ4X8Uw&sai=AMfl-YQXNsxzqH2lThXlXbfPJuEJ87sln776ILQOvsBT7DQ9bBCVhpdN7HrQWQ5oFj9ImHFZGcrIjOL1u6vmY8KOlB7qzRCAEltqWf_fgsZReRJVt-Ays1F3cMSp6tEMRRw&sig=Cg0ArKJSzOdujfUXCLAgEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 54FD 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b49e35933fc7f3d13f0588ff34693b776544803689019e72d5b996bf711f9aeb

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
amzns2s
rtb.gumgum.com/usync/ Frame A86B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.148.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-148-20.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
360cd718009b9e356e27bb0c26e48943a808a57df9f9d1672650a2dcd0867c26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 Jan 2024 17:57:18 GMT
etag
W/"0154958bab47679991b54a16216b097b5"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 31F4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8b0d1037f7c4e6ded5a2a96fd4bce4a82d5515d4113692314c4cd6da2bb068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84600019892ab4f9-OSL
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j73sVPgroK04Vsmz8eMx%2F9JlaKz3p6iJUVn7v3diMllzD4vLE5mH%2BHvlTHDKD6EwejJZp7nCIGEboqQrXiwEmRvPYi4hiy9GbsbETSLntQt4ZWZpABxK2lTAGTUIqh6NIRpDO1nsCEsORQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
846000191ec456a9-OSL
content-length
0
date
Mon, 15 Jan 2024 17:57:18 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aisNUkPjuhYnga7AxFpFMOZnhtMOoQF1KUrO20%2BTQOf%2BWCnh%2Fn8%2FvC83LJeIwPaEpETBYt3wk%2F6Eb%2BThp7h25wcBMrR5AGsI2CAE0%2BpUeWniykbB0YdlxutzDYxQO2oIRcPjv3%2BtV360A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 2A43 		816 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1b287c2726d63d59e8c112eb40dd6839ca6fda17dbdddb656215b20564cbc02e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
463
content-type
text/html
date
Mon, 15 Jan 2024 17:57:18 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D6DC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=1632441555638621583&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=1632441555638621583&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6J1649WG4WEG64FT6FGW

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:17 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=1632441555638621583&gdpr=0&gdpr_consent=
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 11B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
0
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame E0CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.87.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-87-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A724 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172222
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:18 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 50DD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.15.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-15-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30bf16a1d7080c3ed5683222d602081fe7332dc955ff31ab9b321e05276711b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 15 Jan 2024 17:57:19 GMT
pragma
no-cache
vary
accept-encoding
v3
id5-sync.com/gm/ 		318 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
8091f1ff2ac817adced3c0a3f7dc8da9b593d08756e3f5ab911d2fc8cfb0f7d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ezgif.com
date
Mon, 15 Jan 2024 17:57:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 711E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqSp9u1NPl6Oq3xcFR0YrMFNG8qSj2h7xqx73Qjg7HUvlrCxqtw0IIiac5VTrHn5-RbF34SGhXB6OxJRxRul9Am97aoX2qtimWcAYHzKRj5S-we872Ib-7DeCtopQK0pEje8UzEzdUlfhQG6iblAf1K2fgr9InOqDvKt2TGqDPIEFPbdB58DUtyy6jT_Gm7Yy-ggXOvEW8gfvdOnni-SS6FJRsdgxFAsqW2KYEOBzX93t7rGIKNpdL5yAOiTsA8YgzuUorkm17-eej2XpY9o4zPV3XnHuuHXPIAD2BNGc-ZyslQAyz0SuUZK01WzKgwIYnta49vLxNzf-YHaxAP1cdCxcOrxlAvMNKRfDR_nn6LR99DW_T4iEGC2r1oHm9KXbq&sai=AMfl-YSQbdPDcPRcen116UymCubV3iWwxnuvHDokiGuXBDrFzEp_-tDeJWzLNErD0L-SsnV6j_6_gpNiU3HwS_mn-M-UEhaRIapRmdeX9dZ0-v5UUQ5V0B12yhxoGPZnO2o&sig=Cg0ArKJSzJd5kE3BRszBEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 Jan 2024 17:57:19 GMT
usync.html
eus.rubiconproject.com/ Frame AC76 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 17:57:18 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 12E0 		951 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
f42bb60626379f6947b62f9bd73ee1cb85c753c2e7d6c3fcb436a4e0dd77ed39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
no-NO
content-length
951
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-db744d8c7-2fvgp
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
sync
ups.analytics.yahoo.com/ups/58252/ Frame 5368 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
0
date
Mon, 15 Jan 2024 17:57:18 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
amazon
ap.lijit.com/beacon/ Frame 82CF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
75a57f1b22c392dfe14def03fab16a60f71bce4890f7e8aead7a1a8998d6aca6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
465
Content-Type
text/html
Date
Mon, 15 Jan 2024 17:57:18 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1ams1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1698 		0
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-length
0
content-type
text/html
date
Mon, 15 Jan 2024 17:57:19 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 161E
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=1848106323789703712951
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=1848106323789703712951
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JMS315QAFPY5J6HEXBYC

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 17:57:19 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=1848106323789703712951
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 54FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2tiuiivEWemeJNkuQbQz2crtwkfwMQMS3i47QQWmeTT8xoUm0VxJyQYXI1t-84041Em3cGFbFed6MML4GkJMWlW_eRFF0wkIksAL8bHnzTxHLbUXalgEmR7Raxw2Z2adNgvxy2XjsDQZfCOLKuzCsBVLuPtvL7U4R02sbd3YMHk0Vn5IrwHdv_XG5iRr8N9VWAe2_frETG7MvE0CdQMHHO-JvvQNKQwiRrxvVvOb_sAwuBRrUeArh2dyfzKTIb1Swu7ssv3MM1xNkOCOcyMfrSfU6BxN7S_bSWwbt8XtMEKXm_Ff20IaVM4svVApoJfhr_J44BwU4XRetKv0g1orTF9Vq6YdcwGjJETSbhBWZMr9VTVduaoSk&sai=AMfl-YRk6pFc1mnOTzvnwWaxAedwG3ehr7H2sh5FhyLhnsNc3e-lKN0VaiJF_Sim3DJleNyzISyqf4FJAV0nEWxsuZvmT09RdLFag7JiQpzuhCh3hpeoyhNY0ht7Rf4Lh2w&sig=Cg0ArKJSzHEVAR6KtAfJEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 Jan 2024 17:57:19 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dMDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q%26u%3d%24%7bUSER_ID%...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DMDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q%26u%3D%24%7BUSER_ID%...
  • https://ssp-sync.criteo.com/user-sync/match?p=MDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q&u=AAH-j07LSuQAABQbEM-x0Q
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=MDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q&u=AAH-j07LSuQAABQbEM-x0Q
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=MDx_zl9iSmhVb2dSUW5tVndRUCUyQlplMGw3TFY4TlBCbUltcHBpWFpQeUJoUUg2VnMlM0Q&u=AAH-j07LSuQAABQbEM-x0Q
Date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-FUvD8RJJoTvOdMea8IxhIqUfuSFx3F9...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-FUvD8RJJoTvOdMea8IxhIqUfuSFx3F9Ib76i_w&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&u=125f1bfd-f835-444f-aebb-fe39c951329f
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&u=125f1bfd-f835-444f-aebb-fe39c951329f
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:18 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
//ssp-sync.criteo.com/user-sync/match?p=vtZN8l9HdWxsMUhncmJJdjN0M3lmSWxZTHNzUzBTaEU1V1lTRDQ5dEw5dkFzYXJZJTNE&u=125f1bfd-f835-444f-aebb-fe39c951329f
date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame A86B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
an-x-request-uuid
3944762b-98fd-453c-9a71-61a23f8ef5d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5498199044226996140
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame A86B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=0&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
18.159.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A86B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e19b92ee-28b7-44fc-a79b-d3b179a5b254
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e19b92ee-28b7-44fc-a79b-d3b179a5b254
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e19b92ee-28b7-44fc-a79b-d3b179a5b254
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A86B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-50c15911-bbf9-595b-7808-0521a737c370$ip$178.255.148.165
Date
Mon, 15 Jan 2024 17:57:19 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame A86B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:3295:f713:9e96:927c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame A86B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a49e1b87-15a1-4300-80a6-42101368b95b
Date
Mon, 15 Jan 2024 17:57:19 GMT
Connection
keep-alive
X-CI-RTID
f99c9fac-abae-4886-8de5-d47ef9d94c0e
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame A86B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame A86B 		0
0
usersync
usersync.gumgum.com/ Frame A86B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1632441555638621583
date
Mon, 15 Jan 2024 17:57:18 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A86B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_2e6b5195-7336-4572-839a-b7fc5c71c798
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6S6CCDF46GXG6QW3DDS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbs-iframe
pbs-cs.yellowblue.io/ Frame 3C35 		0
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.211.238.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-238-11.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ezgif.com/
content-length
0
content-type
text/html
date
Mon, 15 Jan 2024 17:57:19 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2A43 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=4e704ae3-1c08-c750-00ee-41cbd9c678f2&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GDWTDV6693GADK4Q8J8X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2A43
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1325312571758247641
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1325312571758247641
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1325312571758247641
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2A43 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4e704ae3-1c08-c750-00ee-41cbd9c678f2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MFSSPH393F0QMXX00X2A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 2A43 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=16a6369e-00a2-7caa-c0e0-c35cb1f5b312&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2A43 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2FjOWU1NTQtYzlkNS0yMjBlLWQ1MDAtOTllNTdiMTc3ZDcy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2A43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDg7gcsNh6QPwV0etCYe9Ms&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDg7gcsNh6QPwV0etCYe9Ms&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDg7gcsNh6QPwV0etCYe9Ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame AC76 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39170
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:50:09 GMT
rtset
bh.contextweb.com/bh/ Frame 12E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=d0ExQmxTZ0lQZ193c1BvbG9NX1NfQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENi3ZF0H_kRYrFL2Zvy_hkA&google_cver=1
49 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENi3ZF0H_kRYrFL2Zvy_hkA&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
no-NO
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-2fvgp
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENi3ZF0H_kRYrFL2Zvy_hkA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
pulsepoint-match.dotomi.com/match/bounce/ Frame 12E0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
rtset
bh.contextweb.com/bh/ Frame 12E0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr_in_effect=0&gdpr_consent=
49 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
no-NO
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-2fvgp
expires
-1

Redirect headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr_in_effect=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 12E0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=nexbIDoOEifh&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZZ33T09TN2RNM19FSK2H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 31F4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaVx-rC1Re9XqL1WAOmzmwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcr%2BhT3F8dpMEW2z4odqg7jeTb4%2Bzf%2FFxIqKY%2Fy2gDbuJ1CLmbE1XSz4BA1JVuQO7qXWBPM93iiYFI2m1vWiMkmezpww5epBAxkBA65bXUuMowg9dbUHLhHHVN8GsQ2hSw9qJdNWUaKHiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8460001ca828b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 31F4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=0&gdpr_consent=&id=ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B4RHSKVV0N3Y4SSRH682
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 31F4
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpdr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&_li_chk=true&gpp_sid=&us_privacy=&gpdr=0&previous_uuid=af42ba1179794935a568a69523cf6237
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:21 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-8x90vhJJoTvOdMea8IxhIqUfuSFumCehZQdBrw
Date
Mon, 15 Jan 2024 17:57:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
usermatchredir
ssum-sec.casalemedia.com/ Frame 31F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEIcM82DkedPDcTANhzmziAE&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEIcM82DkedPDcTANhzmziAE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ujgy3czyD97weZPuYMk69LhPLyf3PuCNG6GqhLY%2FSpwLMw%2BFz%2FZlSOkdrHscP%2BHhh28qa94PslsMpoKjlqETEhNw1QaF4fSY4LAPAh9cUdo0uqk9uLCpZqTBIeczre%2BcONcC7MUV0lVpwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8460001ca825b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEIcM82DkedPDcTANhzmziAE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 31F4
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721066239&external_user_id=70e56c33-9a17-47db-8b6d-6ec4ee1cf463
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721066239&external_user_id=70e56c33-9a17-47db-8b6d-6ec4ee1cf463
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTtIay0fPHJ%2F4%2F5%2FEsaDm2v47SujB6XnAGKD6vGYxUbxbyu8jlZRGeepJK%2FcYnEmteWlUyfd1gdSQlAObKVmGVv0%2BmrW6KptfRlByGXNJl4Uz2JyNqt4vptmuhGNaJG343Ot1zxFw%2Bwt2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8460001d89ebb4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 15 Jan 2024 17:57:19 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721066239&external_user_id=70e56c33-9a17-47db-8b6d-6ec4ee1cf463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
bridge
cm.adgrx.com/ Frame 31F4 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-1
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 31F4
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=0
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VxyiYQRcEFs1iavFhefYX7%2B6st%2FhnW5FtLQyLhpghNrwvA%2FL6%2BLLiOfRdnqaJJMBeKwRPZr%2FQpA94P0xxVJsdr%2BP4xyan%2FPxhHIVLAmI1f9Y4xeUvkfY83D5UJDm6XPFQNHJGkhAaCFEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
8460001d69b0b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=0
date
Mon, 15 Jan 2024 17:57:19 GMT
server
_
content-length
0
user-registering
ads.stickyadstv.com/ Frame 31F4 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705341439591005-413
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 31F4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?gdpr=0&ex=index.com&id=ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fgdpr%3D0%26ex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JHM10TJR20QTVK3NN9J1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 82CF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=H_yVpBZHWQWJzeE7RW-dyeUS&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8NSQ19VZ7XPFMA406DR6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 82CF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AAGhc07LSuQAABQZpZ2XaQ&pid=85&gdpr=0
43 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AAGhc07LSuQAABQZpZ2XaQ&pid=85&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAGhc07LSuQAABQZpZ2XaQ&pid=85&gdpr=0
Date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 82CF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=3T1Cg9w5RdDGP0WE3zwOhtg-FobGMUHV0zzOI_ni
0
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=3T1Cg9w5RdDGP0WE3zwOhtg-FobGMUHV0zzOI_ni
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=3T1Cg9w5RdDGP0WE3zwOhtg-FobGMUHV0zzOI_ni
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 82CF
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU808a358805d44a548b9bb717fd8a65a8&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU808a358805d44a548b9bb717fd8a65a8&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU808a358805d44a548b9bb717fd8a65a8&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 82CF
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Jan 2024 17:57:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 82CF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=H_yVpBZHWQWJzeE7RW-dyeUS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=877233762466
0
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=877233762466
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=66&3pid=877233762466
content-length
0
usersync
usersync.gumgum.com/ Frame D70B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=1325312571758247641&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=1325312571758247641&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=1325312571758247641&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 5827 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZTZiNTE5NS03MzM2LTQ1NzItODM5YS1iN2ZjNWM3MWM3OTg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D5E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172221
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5EB0 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 15 Jan 2024 17:57:19 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 77C7
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-8Co8YQAAAw9fNEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-8Co8YQAAAw9fNEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 17:57:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaVx-8Co8YQAAAw9fNEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad430.dc4p.scaleout.jp
X-SO-IP
178.255.148.165
X-SO-Key
ZaVx-8Co8YQAAAw9fNEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZaVx-8Co8YQAAAw9fNEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad430"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad430
usersync
usersync.gumgum.com/ Frame BD53
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 17:57:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 15 Jan 2024 17:57:19 GMT Mon, 15 Jan 2024 17:57:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5889
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 17:57:19 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 17:57:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803986539947248&correlator=4117108421016336&eid=31079956%2C31080255%2C31080441%2C31080328&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_728x90_desktop_middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=5&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da02bb1ffa8c4684c%3AT%3D1705341437%3ART%3D1705341437%3AS%3DALNI_MbWZMqFAhyQtkO2MZk3Xzuq4xBuRw&gpic=UID%3D00000d41d1eae43c%3AT%3D1705341437%3ART%3D1705341437%3AS%3DALNI_MYlB0tfLtc7Yg3RXPV5tQ4bZTJ2AQ&abxe=1&dt=1705341439256&lmt=1705341439&adxs=456&adys=883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2Fresize&vis=1&psz=1018x-1&msz=728x-1&fws=4&ohw=1018&psts=AOrYGskfYYrgGgjustP_3OMolT3nNuUAP_lrZWqQJGNI5Nj5LCYdL1p-0gdJI6TXSoeXzIGHAKaup1mh9d-DkKQ%2CAOrYGsmIFLGfN0cvHEtrYW-jhYn8Yz7LOMcwqWL7OoDU0_QHPOwX9dKwrtCRAlMAu1KDdHDx24gsuwURQwWcqos&ga_vid=789926922.1705341438&ga_sid=1705341438&ga_hid=1536378157&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRj7h5Xy0DFIAFICCG8SGQoKdWlkYXBpLmNvbRjghZXy0DFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLmHlfLQMUgAUgIIahIcCg1jcndkY250cmwubmV0GOCFlfLQMUgAUgIIZBIZCgpwdWJjaWQub3JnGMWGlfLQMUgAUgIIahIXCghydGJob3VzZRi7h5Xy0DFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y4IWV8tAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVGRnZTbmcyYTJ4Uk1USmhUbWQxTURGa1MwRTNkejA5SW4wPRjfipXy0DFIAA..&dlt=1705341435908&idt=698&prev_scp=amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dfunction(e)%257Breturn%2520e.meta.advertiserDomains%255B0%255D%257D%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.07%26hb_adid%3D204d21b30d60ac%26hb_bidder%3Doftmedia%26hb_rf%3D1&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D4g&adks=2638066804&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332233ce0886ab37a701247c9121ae1f9fd0f3436dca93a93ecdc6259bd7adf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12175
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 50DD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=ym.com&id=VEpIiaa11SaoKNVWkSDn&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AATQMRA2VA0ED2FZ7RSY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 50DD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEpIiaa11SaoKNVWkSDn
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 50DD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 50DD 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-length
0
sync
ads.yieldmo.com/v000/ Frame 50DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=5498199044226996140&pn_id=an
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=5498199044226996140&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.213.174.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-136.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
an-x-request-uuid
6d83f54b-9d51-4883-8f04-51c66aa2ba42
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=5498199044226996140&pn_id=an
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 50DD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVwSWlhYTExU2FvS05WV2tTRG4=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame A5F0 		149 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97b4d981be00086d5db9b0ca2a64dc60c3ee5e96e9235d2d6136968579b19cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rilMr95jL9D2RobwVumNUeh4hXJ_YTsmhsfEgUc2dBwFW0uJFn4equV_Y8Zmzn0ql400h0g6CAnPJavYyhuy8BJ2JHoFQPC1bdhJ6GMk_ROUcq9M8lmuO005vpJaNA7s1mH_y9gsM2gPY-8ecd13ZI9bez8xpnFnYbCBjdjwPMMW5CDvslOGsA1lHhMa_KJ9WvlhEtXoPuZ8F8R3w12hJfiA0EIR3XTZ2oXZfcbagNTCavvCwertOy3np_-70RfZVF_eLw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
55898649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame AC76 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E3AA 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
81428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 5889 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39170
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:50:09 GMT
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1325312571758247641
86 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1325312571758247641
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4qselfYgL5SGHeVRLfqOzKUS51YHyn5v7J62amFSzaq3tBdu1jsj9KgzgchLQqjcUb%2BCFgBBqWER1mG0j0ClppeAX4lgnHGiPpQBwoqg5UuoLpBh10rtQGYdP7sPir6xaJSSkB9DK5A"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
8460001f1c2a56c6-OSL
content-length
86
expires
0

Redirect headers

location
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1325312571758247641
date
Mon, 15 Jan 2024 17:57:19 GMT
server
nginx
content-length
0
content-type
text/plain
truncated
/ Frame A12C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b49491dbfb4389e83afc2993ae4e7768a78dc4cd54feef10b885d2378d5db142

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A5F0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:57:19 GMT
adchoices_no.svg
static.criteo.net/flash/icon/ Frame A5F0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_no.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
062ae97c3beccec19d98bd998586b18af77b7f2868d3c1d1b18a01290dc6e75a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-75b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:57:19 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A5F0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 09 Jan 2025 17:57:19 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A5F0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 09 Jan 2025 17:57:19 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A5F0 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=miH2aXIxHLoKpkjyTVYr4db4fqZbEfas_2s-vKNmOHyF7miwUv88ih9KaEyc2EXiZcDJvFwgEa2JUjETOfamCxqDzLwnyPYCpcOtGqm6RueWU2g2YFTev_S1kcMgBTvtGD0tRVbzrWgSU3CCyWP4cVJaC7nGaa0JVSt9TXWVMAWgBndkONNbb7T7EUije4GxKLDE6c9qOuUHwjjTSm3Gu-xNfEIC044PGAsJyXKJjfK5927dZnPEyGL-kXj4dLxvGcX6WuDD19zMoY0pz46pLYb0nbps_u1uI0Z9XVgM73m70kpwyiEodIjfmuTj9HmacvYGUnTqdFUG-e_48VX_sb5ZnmEkwMVjvxpqmKhtCZTmfb1GHqmfEM8QUIb1bpavUEIHrWlZtMbaAeR6jG2HwmqjkFuIPUtZYgL0B_tPvnYAm7iT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2229412
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame A5F0 		44 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1705341438
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
Ew5v49XccFz57Ra_YuGSPa3lZbFVCrIdHlbtilW_2G8SZQIJJFfv4w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A5F0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4722713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whhxuINhWqLGP%2BjJFTjWEuHT42PfP7K8HoN%2FBAeGz%2BUC%2BPNnx60D1Dcf60CUqX%2FC27yXwf3RVnnkj0Sw9sIC5skc0paIpDv1Qg1Ai%2FwvCZT9B4I9hCjpOesHh8O2mq12%2FKZZie7YFHPkqeiQLGodeLtf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8460001eb8f30b41-OSL
expires
Sat, 04 Jan 2025 17:57:19 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame A5F0 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:57:19 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E3AA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1&google_push=AXcoOmSm1aM5dt4nrgkqIzXOdeYNSdeA7KbOCU5JvdEvahA8DO2h6ED3j1OhmLAFwbkvDb5x0L7TaWthGwSjhn1yt17b-iGa-rnd
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg5NzY5NDk2NzkyNzQzMjE1NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN9IRrO-9Np89eAHzX9PoLY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3AA
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGgpFLChMUy0fjYM0TqTEbQ&google_cver=1&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmP...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmPyQAfzTSTanoQHOrxRl-94mK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmPyQAfzTSTanoQHOrxRl-94mK
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 17:57:19 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1843FDC1B9414CBC96B773EFAC06E21E Ref B: STOEDGE1217 Ref C: 2024-01-15T17:57:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSvMuXfhhItxgJIJVXyz-PwYBkQpiTXe_gqiAfa5O-ZjYq5m0-O5Wt1FbdzfkMNWyX8GkhmPyQAfzTSTanoQHOrxRl-94mK
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO/77AGUPYvOpf9dpnbQ==
google
match.adsrvr.org/track/cmf/ Frame E3AA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHJozM7hlUWOuVKkqtLW_9g&google_cver=1&google_push=AXcoOmSAxQC7YMDof-P1653IuAYmgJrysXQgwaJIYsw4pId658cB_hh3pz5z10X7jue5r_0JhL6YivvxFLYjbOD0nwwnKGCfYhM
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E3AA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENBPbxZBro8zGoX6Aw5HtlY&google_cver=1&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQyb...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ad043c2e-bb10-4580-ae2f-ff79fc664b34&ssp=google&expires=30&user_group=5&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQybZid4PvUX&google_hm=El8b_fg1RE-uu_45yVEynw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQybZid4PvUX&google_hm=El8b_fg1RE-uu_45yVEynw==
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSUFsWQbjvbkvRcXvH-ahKdbb2qO1XkT1djk6A1lvyyptZ8ruByUZqs-77GQBH2R0wfMpzhllGaFZHbkzl9YQybZid4PvUX&google_hm=El8b_fg1RE-uu_45yVEynw==
date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame E3AA
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEuiYv5IMx1eFvxPZWjYHBM&google_cver=1&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8C...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEuiYv5IMx1eFvxPZWjYHBM&google_cver=1&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSvEydKAj7EGoYSQnWbjuNzyMZ1ce8jETKZ1KTjQSws2l7dpdclMIsYH4W-yv5NC2yjdSkTuua5nkHZUa8bAqO8r8CSTztd
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E3AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPzxiSXrhPk3ERr8hr2VYbs&google_cver=1&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5r...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJGODlFNkktMVgtM0lLSg==&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5rdwy7E06NZCN4lVoY8SFRVY17D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJGODlFNkktMVgtM0lLSg==&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5rdwy7E06NZCN4lVoY8SFRVY17D
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJGODlFNkktMVgtM0lLSg==&google_push=AXcoOmSYyaEeMvKkcRMATqek8N2qbj53xtodpMm_JxxFH6TasmhPlyR29G1oCPEkuoDy1KTjC5rdwy7E06NZCN4lVoY8SFRVY17D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
spacer.gif
an.yandex.ru/resource/ Frame E3AA
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEDM2j_0zkYeNw8alAemNdvc?ext-param=AXcoOmTnFHyLX4U0HYsgUeW3-dCGI47V6tG-Cu_PKrmTKi1LQue3kyXC2jDYJcVQGyyv3rTDI9YbVSeSy8ENgLqi3r8UtSfUo_g_&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEDM2j_0zkYeNw8alAemNdvc?redir-setuniq=1&ext-param=AXcoOmTnFHyLX4U0HYsgUeW3-dCGI47V6tG-Cu_PKrmTKi1LQue3kyXC2jDYJcVQGyyv3rTDI9YbVSeSy8ENgLqi3r8UtSfUo_g_&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDM2j_0zkYeNw8alAemNdvc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 30 Dec 2024 17:57:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E3AA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoEZUkmlf19r-fLBBYnKl2LvpNNdOopAvsKZHMzj8leQopwYWdPGFHxaxEj7BCuXXYc1U1JA
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame A5F0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:57:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame A5F0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230524%2Fab5244b2b96f4d3db06cb0ff9e6efb06_logo_n_horizontal_9.png&v=3&w=596&rid=4&s=hu-rrsXgrWtTIm0W2dfFyA7r
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
940237e5b80c927a656ad2ac73211077ac8fa628d5d07583ed42e911c2c140a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14467
expires
Mon, 06 Jan 2025 02:36:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame A5F0 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoDigitalInsight-GmbH-352399DE-2401132150.png%3Feb%3D1&v=3&w=400&rid=4&s=bdxNL5TWUod_WrbL04rpgFpJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
989dea90c47659a4256d2bb0a90697f1fa986287ffd6b763cf69a2d3c81d75aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=85497
timing-allow-origin
*
content-length
5510
expires
Tue, 16 Jan 2024 06:23:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame A5F0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoGleissner-Melzer-Automobile-GmbH-303779DE-2312081433.gif%3Feb%3D1&v=3&w=400&rid=4&s=Bfh2LiIbdaQHG3HxWbJxQEs2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d98d8b4a70e98068a431ae38d8d5c371518ac3591026f3339b3ba43af286c20d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85499
timing-allow-origin
*
content-length
2144
expires
Tue, 16 Jan 2024 11:18:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame A5F0 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoBWI-GmbH-82433DE-2208161325.gif%3Feb%3D1&v=3&w=400&rid=4&s=EtBeg5nQSnr_a19B0xzUOSo-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cc3b04e00cede182123138355e4659b44ea24ad4a89243615203533591cedc61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86385
timing-allow-origin
*
content-length
4456
expires
Tue, 16 Jan 2024 12:17:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame A5F0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoDRK-Soziale-Dienste-in-der-Region-Hannover-gGmbH-282044DE-2111081613.gif%3Feb%3D1&v=3&w=400&rid=4&s=v0wGyt-x33-NIzXug9oDIffn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
67d7cb7afb56ee620a4d283d05f216bb372a23a664fa226619bedf684614ea22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85493
timing-allow-origin
*
content-length
2806
expires
Mon, 15 Jan 2024 19:57:37 GMT
all
csm.eu.criteo.net/ Frame A5F0 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rilMr95jL9D2RobwVumNUeh4hXJ_YTsmhsfEgUc2dBwFW0uJFn4equV_Y8Zmzn0ql400h0g6CAnPJavYyhuy8BJ2JHoFQPC1bdhJ6GMk_ROUcq9M8lmuO005vpJaNA7s1mH_y9gsM2gPY-8ecd13ZI9bez8xpnFnYbCBjdjwPMMW5CDvslOGsA1lHhMa_KJ9WvlhEtXoPuZ8F8R3w12hJfiA0EIR3XTZ2oXZfcbagNTCavvCwertOy3np_-70RfZVF_eLw&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame A5F0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:57:19 GMT
khaos.json
token.rubiconproject.com/ Frame 5889 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
container.html
0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:17 GMT
expires
Tue, 14 Jan 2025 17:57:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-250cc79-7b57fac3.js
tagan.adlightning.com/setupad/ Frame 22CA 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-250cc79-7b57fac3.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44774be891c56e74c47471b718cc0846c3549496c82a9cda4ec4b47ccc325e35

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 11:37:57 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
bz.LJTOiikJkrZ_405ltiH2k3k8xaB9c
x-amz-cf-pop
FRA60-P4
age
195563
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31148
x-amz-meta-git_commit
250cc79
last-modified
Sat, 13 Jan 2024 11:32:21 GMT
server
AmazonS3
etag
"a196e933fbe3bbafc363249ab99fcd33"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_WiqcT3MRRMwD0JR7dWWYXFRYhdRVGO2Htt4vOLmtAcsKtgLEKmOjg==
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ Frame 22CA 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:07:14 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
FRA60-P4
age
4211406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7azS4w--Sz46BkeE-vk2Uy6Ot6bwo3BOBa2a-oMmrtlCnXMea9MBng==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22CA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ckm0SVf4xX-WoQNXIRYZCVnM5dsKpxRlLC5kq59C_FlCgvJSsSTT8jdwX1S9U2JjdDNZ9tVAla1nRIwDjyXSsUccIGzqiOZzJMoIuBU2FC2v8444I
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 22CA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:19 GMT
ai.aspx
m.exactag.com/ Frame 22CA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?tc=ca46ee1d44fc11c31437ef5ebe322260&rnd=1705341439343098
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 15 Jan 2024 17:57:20 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 15 Jan 2024 05:57:20 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
713
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 22CA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:26:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 22CA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
81428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame 22CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLlutx5x9NpXCAFrCkCqYZdSsGs-6L-5MbNFkSB1mFJ8g80gHBpU-zKuOyCDyQQUplgWSbfKSTXuIvoWymAfuhRQiILw
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 22CA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:57:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 711E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE0HmexVn3bnQ6VxVXDrUBCRqx_e7CHvBWuBIS5de7UA3TNtghex61NC2_81xxMrCuq-XRj0b0q7XJQBH7OnWEzyCOa9erEVUxL7I3hZgpRTkgPoPCVSaYth6rB2TrOTzCq2NVpr9zbCP5yCcUPGrk9PE2&sig=Cg0ArKJSzJABKdfJ37vWEAE&id=lidar2&mcvt=1001&p=28,762,118,1490&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2542854772&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705341438285&rpt=644&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A058 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172220
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:20 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1815 		499 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKfPhN4BMAE&v=APEucNX2s44RPyxGEIx95mbHpXjc6B2zgBnaxWBlcmjsn8ILWFWIR2B1Op_-t1X2LC3ZfQpvpOQHuyEUMvJCc5YP7aVyioAMgDJvjb-el_Nms9aoFYstpMU
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 17:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 54FD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFiMJ7_12UBpPyTqROQSY1DTnwzM2YF6kbPrtZLHOXncv4qPWnrjI1lDzzQ-675wRO_VF1ArvOCvWWBaOAw29i3f1jAsZxBtLj49QjUllA8_auOZXSjee3Jag4turAvrTKGUh6i1Wsbxshxm29UC7ZMam8&sig=Cg0ArKJSzEyd4uAL7ckTEAE&id=lidar2&mcvt=1145&p=810,126,1060,426&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1294909727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705341438462&rpt=531&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A12C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyMGI_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJQCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjajbY8YlqwYXUjOl61nkfmV8nsQ4m77MZGJLMnYF64A-Q6PTwewk4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkzgAoD-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcBshccChoSFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=V5iapTETBYw&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_rWyJ7VqaVpawB7WKo5x6mSnNfz0NzaniulT3DAzcyxIxdhUKsjx5jHJLLZ6e0XLwTA1dXuzW-xgB&cbvp=2&vis=1
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A12C 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF4G2XawC2ASdg2ICAgAAAGZsDEYmgWEa4LMnt_nn2owQ_XGlZe3Prw8QQ89cSt4AABIAAAoKQVFVREFRRUJBUQ&wp=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&cbvp=2
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
153828
server
Kestrel
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22CA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6951301137441&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22CA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6951301137441&version=m202309260101&ct=119&x=1&cor=11887821453636248000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 22CA 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzDd8kvL8-tVxeg7RyVddy3LOkkdS0ZZxEecek9RQtXhcdxcq24zYWF7ds9V7PxU7XwRy-TttcecHFpedc77JyA3WtQvZfKpzOQHEwI9b86Ogxp2-4SBJ5PI5C_vt3afMmYXM60IYNZJHUs5VWrHuKcaAaMUkHznPOMwnMOB869MooKdi176GSNSyfopTBiVWodq5q&cry=1&dbm_d=AKAmf-CiDiWo97Oe7hTp7fNFV3EhF9Bfhii-yXlJNG3-4BrF4o5APprIHda7WjuyrPz_CdvK0-BoIVoDgYjxgKPdYs-2oKDbu9Yi3r1Y7p_PD5eZla4AKYGGiUUQ2n21PclwpahsXPjsz18VJh-0rNnOcZC8bRVAMioHylSd2hF14OlIPkX5CE41lQWdWq5xF6h50BYlDdmAEihmEzbUSJlbJKtr5BN3_q0K4rV58HRNHxp-KRACmgo7WzPZhr8YeNS_hyHVtU2yI98hOmqw13TbfdaK-JbcmWl3yybwbat3ctfwmyxwFvK4XRKD3YFppV21dzsPGbymKMlYQ1LdgnsJ9e9R6kDIlQrSSPjX9cqg7mkfBBCyrNBpqgPuyXLXRwlUPZOl6EHhDtewIUqJiEisF08OaSMR6zOCjsK22lAF_Yu8gPHlANPZt_YWsX20EKrD0alUflAq6k3GsNqvxiT8fKa7oZiiTCluC4_JTI-IH38VhfCcOz2cRB1AvRmQeUn4PdBeZq9jdhlwyjDIrV11Ly_9AQgs_zLuZPtC9zEe4o5Ca7c8g7zJA9vUp6Z8cH3KtGtE3ps-hWKFgK6JRwUFQ3LsglxPFQqjZCLE1qm84IDKeJZZgR5vHiy0ZYWEm5jf67_dW0v28-Evru9UIMskk_AtQr4o5iVHrSYhRwNzvGSIUUbYjnLF2LntBLvXwApqFLRH5jQ3_Rf_PWpL8i9iTu2bxS5aEjbyr0-ijlb-JPPGAm0mKrJmJmDgRfoAF7QFBl_vfI_MxHPG-u_x1qKVnuqnmNLnlImh075PxNAuiEp9kyE4Orx2aVBivxFg9B5OcqNO9t_UnXATiKBvRjQ-9yzqucS0Dt526-UhbxDc5-jSyBckyICW6RZqKyk2SdB9yAsR5xBIhkN-7q_tND0gjIbPOnfBKXl3r3kI1LJYIa39PEwDndk8SaSDi_gL50Bf4QFRF5bvh9FCxLMHjcSWUktbLTb5FVl0A404l4KJVjrB_F4xTNBmR__B2iLQT4hpIailaT9CUubsMxuCeRSarWTvMR6R2i5RSz7fskZgbJrqmhHSHSWy8MnHZZnbtOhJdo4dtrrY_YY6Tv12jRyJxM-57bdVP0zl_Plc84MFee253OBU-5XcVSWVPdsjyL6dmDgeJNvasLiXeu58teyIYtZLe4VKnEYR9UA1CqzH5OVGiNzqC11QUh87cEotDEqoiV5c8l-RsRwd3y4XgXnRNZ5mgvv9kyIk1cFGLGrHMBUnSKsj7AcRm1f8Oz-mYmVODl-cogwTQ0tG1dIqZ3wp6PU_P6BgOD7ElZXdZKh1qICJrZxaL9wGEE3_fWklZfD2EZY4qiBuozSqHNFvkLaMZ4yHjds-dxVUDcYkIAmsPAiOiX86EZNFEoPTbIbpUt3QNVXnMuQ2LKBtPuOoigNMZV2D7ifHE1U6UKJqg7EnsifKzBjGmHZorSzj22q1EQoWPVZdCHUUkbGAm29c5tUbeSu_TCruAcnppqehvrlL0YpkBgaEWRN9tEZd9fNr4H_Lw_YRr8MkzQrxP__Crsc750Ox-IWT8ejvS0qZfAWymjmNYFAUOk4WP-E0Ty8Bh-pmqmR-ZL8KyroNY0JfeLKiqNYt2YBFEoo_RLsg7hPV0LEAYh2FDhTfv3165VruUvEccls0abPuO2qfMp1XApQZNHjTIzRFvo4TvjTAUJK9q_miHBQw5503MedpDOaxHXdtHwX2Xgfr4sSc4_7vZtIfLOUGq9lhZQGzM7Z9KVX4IqubjcNFYQaMJ8nQWUXTquNHTyXR1XcqVU2T7qUjo-ogO_xl3RGrt_bTUVSnVwgWs99KkAmJY85kS4CD4wVilUmQB5RF3Z8rYHDwG4GCygRap9T0uiiJ8mAbnM519efZvOnnK8T5MtW54GYJ78ITg-tirZgp89ua7zdJGKY5hXlHoK_NJTNDxK7357Ov5EQmPPtyQVjtUMg2TmMmxDUGZgPefSrRRRSL1jJiX4RoH7TT0pFFth-7surrZ8YX0Iamm7mfQ-iPlF5bOAX8j1SBK-JyxRtaGcylYp9PkpgH4vY0A3MnG45kq2Id-giAOxHyyqZcn8zDefENIBtV3V9MC0T5AbhFjTCP2ZYNXRLij65VLLSilyQN6pY5-_5i7D_wDlYmJThur9cxjBx4Iq8MBXS3K10xnwm4zgc_WbYUHxHqbR65mlMXHqKWKvIG85_6lbJ4C-Zy8HShTn_ris532c8jjp3UVNiIB7xkK6pHHj1ZlWYnZchh-wBNEsE3vGBJU0xaZDt6F_hrNWtngDu3fbqfBRp2Tl3UDHlswVg3YdE2LOsEYvOC9WdQDTBWpdtiBsnWmhVcN0NlmXOvDc85Fli-FMy2mb4-98yjyGcvr0M7pqGYOrIV7CW4jXxMERPm4nfKPKPAQAs_kirjg5vOn_w1AUJmoitwb6uiIxD2g0xKgzwUz6s-roaFTtekmRulhuB-tqtn9pdMOqOLCFK0qaM23p4KSeNaeOSekZO4ebJe4t7bNZDsx9M4zUTYLUsex5Swsp4iq5v3vIirIh6EImbIUtZ4mibnTmGA4aGuKudZ6gRBhd9i1UYKxGFXBehtzlnLs2Zu9qRAX_ujOcNLixJuCxf4j_ZqM12KwIxqaqQCHH73lpDTGyX03C72_a69EZqoaXbyXaeE3Zct_WTklPripP6KZFwYvLQOcynhwPItwy5KaViDFL6GCvnacsx77u2HRgwbgPMSmzqIW_HSULKsFcN9vUTKpux0mGDGoHXzqmMKsKEF21TBfz2NQM76jwLbUZTU4cX-jb3AFpVEeAvj51B-SFwcVyovnb6f7IuYGq1FCdXGnYCEhY-zBt7DI_MOJ2jky30-Mnk4h-bx9cWxHSsBc5sumIV8fkrqzkaLh5UOx51D2Z_CPRElPO-jNYPxCclwTI5BX78uLazSIS6TL6BX1fSom8wqbnF1KHoE4lu0sagycNHSVtJMYYl53CpAG0mjLcwWzuikTNCD5c-y8ifY8kU9OY7toI19_VKpzx1WB-fl5zJyGgdwOR1I9FOtMskIvFoNB2O-tFhlxmt6MMzC6i9mOjXJGjU5R-lFWaigFa800h8RFIa7cSQBR_WT3IoTstzSC_ZbC0xOXpIuP_tGhYBxvxuCsgQluRrg2y1Fk2AkfTa7JcFjyCmFuRHPvIS-fnXH0flkJWbKHNue2Io_76NJtU-pYJuBoh2M_Z9tMnpEHNKNjedFT6HTzb7pv7GnH1rofgu6SkbruiaIMA-Klw43ymWe1h-DDyIsK8r0Pum63MOGmskYEaH4LobF6IBCDH1mmloNran6m2mhFyh-TkxqEvfnpy6bAcDLSn-UHgz2X5Wwc1G6ifsAyUgXi64qKx28N0j3YZKlMiD7-Wlem4mKgLhoqMBIXPoiK4ez1bOo3waGtCRxRIkuLbcUvHICudsTB6Mg7Z7wAvZzuyZLk22t-K3CO-N18TZDS56TdrUFdJzxK_FCz4vtqIA_cdFM--s_XXj8yWc71vA4ebEJTbNGuGzMBq7Ct5kwCIkNZPVwFwD7XnnMes8MZHP2dr90pEnJvSa2qX9tGsnMUdDbdIDiKXU01WDL60zqfiNv-8WCtgxXUQ7_0wsZxnk0H11QE-7slDO7wYEM9FimretRzo830V0jL0ZwW3Cd8VH1Z-qQ9OZqlAAErtScvHC0m7tVtzppjNXJv48NGAYPCkgupnbnYtpEudx1vX0a3uXTAMF_6joCTa3BIg4q2JC6KiJkHWm6Y2qt4MumC3bQ19y7idbn7wWhuFgAjAzNj0mb2pB8yvpaLBPkdhqbMN6oT1Y0w2RH7UZob51HOOuxLocdL3a9maYeZq0JRIrL4fuXwgIRO2ScKcszITACk0JX8BoTnFEeC9-JXvRofH1ocQGl0EQVVfZvPmaap3InGWMExraEFlaPR3ZKrftZ1HEHVFTY_8m8ntifuIP8Va29xMv5tOfDEUV7ANQXgObu-fgQW8EOuvNdLGUZ3HmU8BU6zHwEHJrO-27xZNix4_Eao_jjoc59t7nFYX-74VxeE-W05qoPcUgYgAW-PU-AFy60zUXtkAB3cF0Z0-CizYuQKpbeb-Lyp8uqLWUba3NE5IZOqdcVMjL1duP17AQybnpwzLffaueTYEiGbeIOnElKn5SvJjZxDEkWCWwOGa_QuUMZ89_gqZeGIwa5lnuELxDr-yaBhEVv97FJQxEV_fDwdJkUmZ8m6gExlfB_wyemV9k4MXwjoyQZumfpbE0xxo0o-h_tJKE8csD6l8hBlGv1gsA7h0cZLf_gb6Gbh64ZQ6QQpFTY04vz9E8NmomgVqEdNqRnhudSz2V5dzLJA0--R0BOd5BC5rSsqAfFFQrnI-4wzqsKl_VbT4P57oJ9v4-PtsBTeHN7r7VKB3isowBYgLCuHd_aEzvm8_-ghGVyLFnUsNAvLCmNx8_oLNPUkIA3rc6brNY&cid=CAQSPAAvHhf_O_MYOh0LBcKuLTTGQ-rTAmAWnO-Q2kzPz3dDK1Df3Y8PBuo6CFFMfpI2HogTRZ76SEor-ueiPxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=1&iif=1&cor=11887821453636248000&adk=943508964&idt=198&cac=0&dtd=104
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fba971016483d2b3a3a0fa8ce940ccb0257bb2521abb9301633289d454479969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38736
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C1B2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d112de6466ef345fbad5d15bd8cc6c5504261a96e8784a3543d108090ee8af44

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
846000226ac3b4f9-OSL
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 17:57:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWy0FinJZ32yNGsVarddl16n2ZdbX%2FQi6eBnCbPh7TIDvXj3DAzpbtJYLYUUa%2BBcfiMC3Vgn5dlxebA3zloxJ%2FcKN%2F7W6VlZDh9%2BbxeHKy4HXk%2BKFHjmSsdf3STirJShMRY4r6amPTxkfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
casale
match.adsrvr.org/track/cmf/ Frame C1B2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
31327
i6.liadm.com/s/ Frame C1B2
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpdr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpp_sid=&us_privacy=&gpdr=0
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpp_sid=&us_privacy=&gpdr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:21 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418&gpp_sid=&us_privacy=&gpdr=0
Date
Mon, 15 Jan 2024 17:57:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C1B2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:3295:f713:9e96:927c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame C1B2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5498199044226996140&gdpr=0
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5498199044226996140&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHWkTGTkgm5IquNsgJd5vCxoro5f6GHPb%2B%2B0YyNUccgHwOIxpZnuTHmlMuOwSVHs%2F0fSiffLmcW9xqBiKZcYMSCue0N%2FvA5UAxK6LaHrjob9lMsfdnXuNCakj7ASR0HkkEqk%2FScdhc9HTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846000237c76b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
an-x-request-uuid
6b5c91ae-50c2-4933-bb14-4553c989ef5e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5498199044226996140&gdpr=0
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C1B2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AdreU8%2FV%2B6%2B7ZDxJsrjsboSx0N6PNtnaUKMCMLzx4MoJ0Y2MdUgmapeiOdLAv7YPlZ%2FSV0AJPRSyqn3tJZBUuZlp29snUaQ7pVUGBsJ7q7GuK%2BVNV%2F60fBqWf4pufmmz%2FduXrSjdlRDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846000241d8fb4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Date
Mon, 15 Jan 2024 17:57:20 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame C1B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1325312571758247641&expiration=1706551106
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1325312571758247641&expiration=1706551106
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pk4pRqqo9N5dIVG8unB3kLvSPXOFFLq0Jv7aXSsoUP9Kf61a33%2BL%2B%2F4e%2Fh%2BPH78CuA9GaaRCHpBWpU46W%2B20Q4QK8CHsQmPQCdQ8kehUeMLmi5knwEjXa9MyxJ8sdjBZVcL5Ic08683fVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846000234c21b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1325312571758247641&expiration=1706551106
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame C1B2
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce73d6e9cdf52605c500lrf89fsl
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce73d6e9cdf52605c500lrf89fsl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzvXbOpdhqkp%2Bc%2FTpF%2BYstQl459%2BiiaU70ZXhOyljgQr1DRKRZ36g9ddKnOwJgySl3qeyxnl702wnKhWnrtaS13XELEwywohxkHigu9hl3Bi%2Fkt2mNl6yhmMabax%2BgPasjuhkRxcb0Es6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84600025f942b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce73d6e9cdf52605c500lrf89fsl
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rum
r.casalemedia.com/ Frame C1B2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMgjBRX5ui75gqIlG4oY7jw1rPag62HGYaeGK2cwhT4aVg7QYJRelqtE6%2BCepl5AQOn0rtmVbyhBpuAbtuKF%2FCxJZm4erFPxAwbhvRvmipaitgSwpUqJzBJVRtmQOqQ4bhEe"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846000236d1d56a9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:19 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
prebid-stag.setupad.net/ Frame C1B2 		0
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cswXtbVxsguhlHr0TxTHB5k2K6K3oqs8yxwm5%2FAuTn9i%2FCukJoUOIVdd1YuitB7vM0iBcuweCeqvXx%2FkbutJK7FlxNGTzEPr%2FL%2BAA1Z0nPLN%2Flp5jUB3cPRMXvIpW%2F7WNbhyZvGpx%2FGy"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
cf-ray
84600022fb8556c6-OSL
expires
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 22CA 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Origin
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 22CA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
67894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:05:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 22CA 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
66611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:27:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 22CA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
251372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
pixel
cm.g.doubleclick.net/ Frame 1815 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKfPhN4BMAE&v=APEucNX2s44RPyxGEIx95mbHpXjc6B2zgBnaxWBlcmjsn8ILWFWIR2B1Op_-t1X2LC3ZfQpvpOQHuyEUMvJCc5YP7aVyioAMgDJvjb-el_Nms9aoFYstpMU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1815
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKfPhN4BMAE&v=APEucNX2s44RPyxGEIx95mbHpXjc6B2zgBnaxWBlcmjsn8ILWFWIR2B1Op_-t1X2LC3ZfQpvpOQHuyEUMvJCc5YP7aVyioAMgDJvjb-el_Nms9aoFYstpMU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5j0k%2BhTuQ9Ft5wusfbtv3moouCDllteqCwl%2BQCKSD7MaTWBab4arEdz78KxzXYpEz47GiQy%2BRTPuMdRIVZ2JvMiB1WoEccN6KQmdsiF9%2BAlgCGa8EG3pa81nWPkquZT7k%2FPvqcZutZaAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84600024beeab4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1815
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaVx-rC1Re9XqL1WAOmzmwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKfPhN4BMAE&v=APEucNX2s44RPyxGEIx95mbHpXjc6B2zgBnaxWBlcmjsn8ILWFWIR2B1Op_-t1X2LC3ZfQpvpOQHuyEUMvJCc5YP7aVyioAMgDJvjb-el_Nms9aoFYstpMU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXM7hNsKUj9VhNo2J7xv0EBsfsGaqm3X%2BmRc1xEPM7tCc4FN%2FlmmkB3JZD4495TEMu0veIAD28hzdDZSUdbIkklII9z2tAavJdmNtgOBNG05uOFOHM1Yla2OykOaK4ByXz0fXmiaQwvE9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846000255843b4f9-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmJ96XV-0TpVWIEb8IECNE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FA9F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
81429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 22CA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d557f93bcc7decdbdd71a4dc3dc5bb920fce903721f4e9a5897aadaea67e0f9

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A12C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbwAvt20sj08lm32NUm46FVfaqQZ3sM8QHG5BdqOGciNEu5ZJl_Y6eSyvgFfxlNRhR8qUwYMGDmfTHDDgHXYrIwyi9TisDt128t51uV8rlmtV2X705TTc&sig=Cg0ArKJSzDHjHlSia2_-EAE&id=lidar2&mcvt=1019&p=189,126,789,426&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=543920996&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705341438455&rpt=1196&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
setupad-d.openx.net/w/1.0/ Frame 0F01 		590 B
653 B 		Document
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1d4ddf14d9c8ebe35fd992eb7e975d0e4928c67704fddbaf38a2da265533f0c5

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
348
content-type
text/html
date
Mon, 15 Jan 2024 17:57:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 7545 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
716
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
846000252a565689-OSL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 17:57:20 GMT
expires
Mon, 15 Jan 2024 21:57:20 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C5C9 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 17:57:20 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame F6D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 15 Jan 2024 17:57:20 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99A2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191&gdpr=0&gdpr_consent=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172220
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:20 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5EA7 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 15 Jan 2024 17:57:20 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=eGESv3llFexjYxW4emBeun1iRrpjbRHpdmCA8jFq
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=eGESv3llFexjYxW4emBeun1iRrpjbRHpdmCA8jFq
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
HTTP/1.1
Server
5.135.209.105 , France, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=eGESv3llFexjYxW4emBeun1iRrpjbRHpdmCA8jFq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 15 Jan 2024 17:57:19 GMT
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=9739865c-41f0-4758-8d7a-571ced2f6a59&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=9739865c-41f0-4758-8d7a-571ced2f6a59&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
HTTP/1.1
Server
5.135.209.105 , France, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:21 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=9739865c-41f0-4758-8d7a-571ced2f6a59&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pl
lwadm.com/usermatch/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3d5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e%26buid%3d$UID
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=5498199044226996140
70 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=5498199044226996140
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
52.28.33.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
an-x-request-uuid
a5dce78d-ca11-4d6e-8a6b-e8568e9daf19
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=5498199044226996140
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pl
lwadm.com/usermatch/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d5b7c26e3-7b76-48cc-82bb-d00f99f6d...
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=1325312571758247641
70 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=1325312571758247641
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
52.28.33.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

location
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=1325312571758247641
date
Mon, 15 Jan 2024 17:57:20 GMT
server
nginx
content-length
0
content-type
text/plain
p
a.audrte.com/
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWRoeWd4dVl0STRTcnFPVXFFMkJ2RzFHZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkaHlneHVZdEk0U3JxT1Vx...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=1325312571758247641&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=edhygxuYtI4SrqOUqE2BvG1Gg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=1632441555638621583&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
HTTP/1.1
Server
52.209.229.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-229-149.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:21 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 15 Jan 2024 17:57:21 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lw-rubicon&gdpr=0&gdpr_consent=
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pl
lwadm.com/usermatch/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&r=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d638409382369000173%26bid%3d89db4e8f-e85b-4f4b-b7a2-65554038c76c%26lwuid%3d5b7c26e3-7b76-4...
  • https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=fc2aff31-9c4a-4e3f-a561-5b4152c50304
70 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=fc2aff31-9c4a-4e3f-a561-5b4152c50304
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
52.28.33.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-173.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

location
https://lwadm.com/usermatch/pl?cb=638409382369000173&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e&buid=fc2aff31-9c4a-4e3f-a561-5b4152c50304
access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
smart
sync.adotmob.com/cookie/ 		0
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4F1D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
236790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame FA9F 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBRF1Xm0yv0Stn8yzZ5K_a0&google_cver=1&google_push=AXcoOmQXLBsxMANfY-mxnUdyknRHfhkzZxnsnrLg-xeCUv94VIKwFuCgNFaOVXMu9hEY3jxtEDy2kBrdAJ6lrXVBI7I7enp77rGWBg
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
b1sync.zemanta.com/usersync/googleadx/ Frame FA9F 		0
0
pixel
cm.g.doubleclick.net/ Frame FA9F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMxFKNVqU3YiJC2v1rjgbA&google_cver=1&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVwcoMlCWaWVWSCg&google_hm=H_yVpBZHWQWJzeE7RW-d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVwcoMlCWaWVWSCg&google_hm=H_yVpBZHWQWJzeE7RW-dyeUS
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Jan 2024 17:57:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMMx294EtMdMgAZFnSRGHCyfk18-rAIrzQgxjaz4fDxhpwrCBqOCwD7LOnNYS-0mlcn5Ye0II4G8eAKUsVwcoMlCWaWVWSCg&google_hm=H_yVpBZHWQWJzeE7RW-dyeUS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FA9F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGH8PTXev53_UfbDHqhrSfk&google_cver=1&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhRegvgQt5u_tFRRhrWFkSgKxwmyH2yEPwxwk8qBFnpL0Pj...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhReg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhRegvgQt5u_tFRRhrWFkSgKxwmyH2yEPwxwk8qBFnpL0Pje2aA
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D&google_push=AXcoOmTBtTZG4qRqCahaC5I4znGtrdW9XbAHvbeh3y4N7o_ksxSqhRegvgQt5u_tFRRhrWFkSgKxwmyH2yEPwxwk8qBFnpL0Pje2aA
date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame FA9F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN7m5dKwxqTpu1NpDUXJYBg&google_cver=1&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXW...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXWRHUWN5pc_PBbIRcsMFeZ4IQw&google_hm=MTYzMjQ0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXWRHUWN5pc_PBbIRcsMFeZ4IQw&google_hm=MTYzMjQ0MTU1NTYzODYyMTU4Mw%3D%3D
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQwhvfWiCMrmkzbWqcMQBXPMsz2V5YgLJyxfqVT7cG-v3o-7XI5jqwLhXSJ_3j-rJ_kTzYzXWRHUWN5pc_PBbIRcsMFeZ4IQw&google_hm=MTYzMjQ0MTU1NTYzODYyMTU4Mw%3D%3D
date
Mon, 15 Jan 2024 17:57:20 GMT
content-length
0
v1
match.sharethrough.com/E4rooAtA/ Frame FA9F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMb7gQmmydQAWYMqGY8Gcio&google_cver=1&google_push=AXcoOmRzk2roumQcHEjKpMCbsLYzPu29LygXaptCp5Tg03gnGDOwurjzTJ1y7cOnSbnw7e64vRDMt4W5V6kABk5LdcGaaLt2iwdrdcY
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.87.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-87-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
google
sync-dmp.aura-dsp.com/match/ Frame FA9F 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame FA9F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtwKbAgAsLa3zUD-KwKy5dSlptqcJvgGjORc9lLZS0GCjah_SdY7bs0-tCTOa3ANpFFt1Pv8U
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame C5C9 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39169
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:50:09 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 99A2 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92156706&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:19 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 0F01
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=UMFZEbv5WVt4CAUhpzfDcLL_lKU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=UMFZEbv5WVt4CAUhpzfDcLL_lKU
Date
Mon, 15 Jan 2024 17:57:20 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame 0F01 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
826150da-900e-eee3-f137-d5a94ea27e5b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0F01 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/826150da-900e-eee3-f137-d5a94ea27e5b?gdpr=0
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:3295:f713:9e96:927c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 0F01
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ad043c2e-bb10-4580-ae2f-ff79fc664b34&ssp=openx&expires=30&user_group=5&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 0F01
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=openx&gdpr=0
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Hd2gM0OmKNOMuaQbiBEGjJDBp-VOmEcMMfds83BESbI&pi=openx&gdpr=0
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT, Mon, 15 Jan 2024 17:57:20 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0F01
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8_9ArPL7R__o_Uer8f4Mqfb8FKno80P6_f4v8ou3
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8_9ArPL7R__o_Uer8f4Mqfb8FKno80P6_f4v8ou3
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=8_9ArPL7R__o_Uer8f4Mqfb8FKno80P6_f4v8ou3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 4F1D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
9054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jan 2025 15:26:26 GMT
all
csm.eu.criteo.net/ Frame A5F0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rilMr95jL9D2RobwVumNUeh4hXJ_YTsmhsfEgUc2dBwFW0uJFn4equV_Y8Zmzn0ql400h0g6CAnPJavYyhuy8BJ2JHoFQPC1bdhJ6GMk_ROUcq9M8lmuO005vpJaNA7s1mH_y9gsM2gPY-8ecd13ZI9bez8xpnFnYbCBjdjwPMMW5CDvslOGsA1lHhMa_KJ9WvlhEtXoPuZ8F8R3w12hJfiA0EIR3XTZ2oXZfcbagNTCavvCwertOy3np_-70RfZVF_eLw&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaVx_QAM3gMIu8YTAAK5n1Jn4cTJg96n9YTRYA&u=%7CTquV4ic3XspJRcMBC18oi3VS3vzCcSGKb%2BXvjALF6B0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBE6K6feSLM5sOg8eYxw9f09-pJvs8iAwk--40Ni-7U0wFOhRRorZm7rwbq-1BhyldvAUaMKmWpeg7BEC81sFoXEDv_CpHgITpGSmVW4wUZ7_d5iM_0_9FG9hEnuzwCNAhcCHViEm1TaE4De32f-czP12HrT1dpvIBqPJ7ogeO8HFuFdRPoL5Dx16DTXTDSlTVfRnXsp7ShiAQHUkK0uXZ_3UNfrfQGf-1-0S5e_Lxtq-OqkY3gfDGji2ur4TDH3WGi42SkSliocRdHnmRLCrtMuL14FrugeRBvmDd512Ekr2A9XL2MDUGDm_YHrrCIs69FyFhbB49C-6ptH5ucz9SIFeWjKTBhr36Sg6XJBOuZq40_DKYN3-r8rc6gZ_jfk5n6lC2Vc-jfa2psHppJvLPZ2f-WUJQu_BFSoOvyEDnIzat4a5b2aO8G90ZeNqXieZV4OSJpkaUPzBA6_ZIQo0PWK6IXIG5Qp-hOSmNWrncr1XYkdhC_g7P51N4q6wdRkmbzr4w8edmA6RMoQg17zPEGUslVXEKMEthvMHU9rzI8TpzLn4UPxMArU2z_S6xI34y-AgDp5kPCQcTtnb-_YftOrq122Whi39l3HSdQT6NQotk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvr_J_XGlZYO8M5OM7_UPn_OK2APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNsgBCakCrAbXlFhbsj7gAgCoAwHIAwKqBJcCT9B7FJxE68svv4iMEe3JOZjFs57Rid5Nr5TcMI5VlzFYNvKqiH2rp27pPsnEtGIA2M9Ngz2-GuL8H5YJUo_a18bkmXbDvIQHBrlxaysgG8XU3BSZK7ZdwLY66nlG5WhcZtCgRYfGZLgbi3fgP_pLaex0NDPEzRo56wtfowLlvHLUOOvTi81EQqW5a0lgsGc1iZMhBcpUKx1yfE4T7RuEnLWwhpoWhI4U6S3S8nAbKgXnZrX-mJjK0XJe_RT2WJVz2QQnhD1yUeEk6lYsAQqItuqnb33cj0CNQsJK0tIHOOsUYfX_A2_HmVRJVc6zjerZQlSlONYq9OOCMdXEl8Fyuc6OkZDU5taDD9D3VJ4SWzsZVczNQdeu4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPv5-fT734MD8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkz-gsCCAGADAHiDRMIs9369PvfgwMVE8a7CB2fuQI70BUBgBcB%26num%3D1%26sig%3DAOD64_1zx-MDGZs1CVqeNypZzAmcmy3Dmg%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 17:57:20 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
index.html
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/ Frame 4C0C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f56eafd0dfef56849ee0d63de990051f9a9092668781b4841b756d778ef6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35899
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2407
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 07:59:02 GMT
expires
Tue, 14 Jan 2025 07:59:02 GMT
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 22CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuUdDtKiw8FDO3cAajJ6kY9zLWO-oEJdnUIBRcgKi4xXbRFKshyizxx9zY2qz1DNrc1g3iUwtGiFBO8HPHtpIsrn3j8J3mMbTPSkogPnsq-ZDBvKeA1MtrHHuG6KaheXreeTpw0UbLop1SHV_et_w69n2s8SP2COWs6uqM1NBwXZyO_hzi8iTWgz9ifXQdtcr3VYzcBEPfzII_Wn3WjQbwdWnRdk9GiQ8qM80xmbsfiyIeiK8O7v_a-5ockkHuLqNr8BRx0Y2YKrTV0zyuf9jY-s0wUdfw0qlwltcg80GQjI65K014xfGsciQAQw9miNBchjPg6Zs2_l1dQdlLcP2s8hUXbdZCFfMlXrAzEEd8yffBwjxHNqv_BCXTTVXpDSpa8sTVjHwX9gQaoXOJfEXuQTx3vZI5i2Xj1QXOXwkiKMlY4BmojiLRsAF5kPNWiT8y0qKaISrHhoYzPxBymV-tT2BP5XRtNWk5PIAh-NRPUw17CLAp7K9AMcqNB3Oa--lR02tv-cp8malMFLiU1lkt69IhhaT3likh-_1dqM_Qvhlqo74z8CK1SaYxQeQ03v70WOrDwzkYkiWTwwzWfRjlBsYf_7ZVGaKHFqLaSt0RwrpxcGJB-ZwIop-g97d_xjBFBx1LcHwiJFYN0R8BvT8rBRK2swfAQccTxtMv7FVSNsDE83CvuxyeE-_tl1hV8upntWbxstHfCv-DOm0FV9K33tQb3RqS-vsB17il0SPIldu5asAbGo7_OA68_CbMlV0EtzoHxsrpQ9CfrYctghxOWXD_1ZDHtB-vGc1K0KW2u2sLjIRmQMJ267GtyvP7iGmAgVe3t5GeG0gKnY5wdm4Z0IERZlgE04BeCzNdm0aBdwpaIzXT1nVIpWSXTN_7gUW8tPiFdiehQekW17xEw2YNaZ_qS7fUyNrjgK8R2QATVVHzdTvN0-gyNHF5BcODmhly433BAdbGvM6-dgCtfwXNqCXcJQ4WNmhUvnXFpfXSCNhlEILdYRhcO-1Ti_gCVF-TB9Eft1CbtnELrzAAxd4tro3ttD2HzEkaJfG3tDo1sM_vlv6D8Ekg9_KXKKDk97Yz95FWtn-lyqgCdB6BNHsSnwcsdzQGam8TupX2lSVQv8DixbBB1lPo1jp8ehQiqhven5iB6ZTJqDN2UJMhcR6UATYu217vXvQYpP9Nqkaf9q5dQ97PXS3Lo8pa5Fad_dxXyyMk5m1KM9EfypiWUsotunvKF9jz0E_HvhSPF7-rJ9iKyCbf8j0CksQUfEQhJRAVO6XKLgMOQjk6IxELjXZNXPnGd-Hg5__jgTr6FEQr18LCVE4uAcb3Vyblr03_KIDWl97MsLRoX-S_iORl75AQrg2e0zHvwOwr5zjPFjPWXMDBF2iO7YITvL6K7JP5-K1l4ovDnYr71P4VplQUahLyAQ&sai=AMfl-YSOICIzxxhHtyzEzWZRnP6Wg2iL0HyvHi54Zrm-jCLu2TsfP7W13mHuXtOCHbZEf-p4HDnTr8tpVNhkFV04h6Ev3YXEYR40sltsJJpN4XHXXPKdEECM3KwIwjD4OlEsA0k3T1hCb83PYaomzojUgVIgSvimxq8F1J3CzXFrMBYCdAcO8FLwMCr9vcYP3T_0ljmZg34I0tXaTy-3z3U4AXdcu9RCl4ZMzQQV7bhteOHe08qD6Vwz1Ui9bfOVm7hIAo9aU9I&sig=Cg0ArKJSzJl7hCPOs3NuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=338&cbvp=1&cstd=329&cisv=r20240109.70236&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 15 Jan 2024 17:57:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F1D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bz6-ZAHKlZdaGGYWF9u8P-5uasA0AAAAAOAHgBAI&bg=!bm2lbSLNAAaumcC-jpk7ADQBe5WfOBOHus3Neeryc8wsaXeMLkQysVrBB1a0qO5r-eRYBKcxIBPzYn_YG5z9bSqNQyqDAgAAAGFSAAAAA2gBBwoAZfS6WPYu86Fv20DLB13YXzEAn6gd3e2E3E2PchHV11M9pER2wOZXTvbui91dynvErGxwNcF-yC-GNOECN89SY9JXezLYGB2Eh47sk_Z3Y80NOYAd6ka-YI3jYp_HzWpZqkM5AF72mQMF87brlSDxqrYiYum6HrYnROHpIHUYZynLtIYbVz3gSq-qAl4TFkbhn4a1tqaCfcvRI9emuH9vkObpRzHQgS9fOGRScSvs1djDXSBj4Y-dC7XycH6W14BiqvN8lUFdNxyfaoVzkcOCFN03zxExV-wq9-nnxdYhbQg-6MJy2lTit3NKUSOzv92gwgQaZh3FVtjHfWgNSFiN9eiSweoDAp9Zuqz_NrvVXlEhPEVh6fhCGngbqt0MZ-mFWsCYaUx9rW2Sa_70eJYX4SgOYX1XgU-iOlwujNdbKsG729J-lYz2BEsz0Zt9_mXTA8r_EcOVtMeg0-3ypAWxEHTsEZZqFWBzeE70Frl0zLDb0AUm761IRjNcxKuBb6LeAiKrxsYKoSr5vrJfU977q094OZu3VbRGKaYaQN3Inyhm9WJ4_cwYXQSkelBYVbZlHkzzPyl4Gc5xjgtujiKgI6s5mgOSO825R_V5DwWlK0LGsuWzyUad4pWABbdUW0ImcwoS-K52Z-0yDs7tnjCNOXfI0EfQDeaDQSPLscswhvskdw4j6mnfczgM_eWDK4qF-_NEZsrYE0ptcBO7_HzxS2BEdK6PFTf0K_UrflGQqlvTGMbty7-xJ83T_LhcFcp8HrAEx9m30I_a0v3pAImfY1tCk3SARo_Y09jU7Re2v7pW8osvgZ_cIZD-XFINgELyIZdAkutG4djVDEWxxSmtZc0-Wq7fcyVnmCuR7xk3OHJldkjmPF0OY6z9qiIxr5lGVVq4gGlTUJF-8nMCrHEF2_qonXswqmg6Z-xpyltnb4ri-hIot82UyG0PszMxXll4VRmCKWLi7Qd2qwKsoldMwHeVzYA4pBcZyv39eVR6hjC857vcZnSgM1XV1_KqHRJ8VyaNrZs5g3Rpi94nE3AERbFafg4tckJBvrd8ap_FbaDha5gIvZ-guBc7PnFC7f1TLkCx0LFL03E0kcSjEcpOre02uyArDlzSThRnWJ66XMlwR1CDBcDkM8BFc8qKQWJKBFTnOdPgvq5IPrUH66I
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4C0C 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 17:57:21 GMT
roller-kwxx-728x90.js
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/ Frame 4C0C 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/roller-kwxx-728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05f4661e88a147faa79c95c32dd24d078dea2759dfe0ddb80810088ec8bf084b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 14:33:28 GMT
date
Fri, 12 Jan 2024 14:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271433
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4094
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sync
eb2.3lift.com/ Frame BDDA 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a7a5caa961515d26e451f40590000f258c465f2b17213a5eda0f627cb28a9df0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 17:57:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generic
match.adsrvr.org/track/cmf/ Frame BDDA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame BDDA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BDDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEClbI721E_lyRt0q_VgM9QM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEClbI721E_lyRt0q_VgM9QM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEClbI721E_lyRt0q_VgM9QM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDDA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg0ODEwNjMyMzc4OTcwMzcxMjk1MQ%3D%3D
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame BDDA 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1848106323789703712951&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6D2923D4D174426F8024F55F8948BA3D Ref B: STOEDGE1217 Ref C: 2024-01-15T17:57:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO/77VmWqkoVhJIp6Nzw==
xuid
eb2.3lift.com/ Frame BDDA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1848106323789703712951?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yejzvYtE2oQPG44PpdD7y9zgzodZ4RXrPD07TZLkjQ--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yejzvYtE2oQPG44PpdD7y9zgzodZ4RXrPD07TZLkjQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Mon, 15 Jan 2024 17:57:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yejzvYtE2oQPG44PpdD7y9zgzodZ4RXrPD07TZLkjQ--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame BDDA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1848106323789703712951&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.159.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=125f1bfd-f835-444f-aebb-fe39c951329f
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame BDDA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92ece2e7-18e6-408e-a1f0-a80829873903&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=92ece2e7-18e6-408e-a1f0-a80829873903&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=92ece2e7-18e6-408e-a1f0-a80829873903&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
676817
content-length
0
expires
Mon, 15 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BDDA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5498199044226996140&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5498199044226996140&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
an-x-request-uuid
c17d9a78-a948-4f7a-a262-15701712254b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5498199044226996140&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame BDDA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1848106323789703712951
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
an-x-request-uuid
61a17205-509b-48ce-9a14-f00cf75b3e16
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bg728.png
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/images/ Frame 4C0C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/images/bg728.png
Requested by
Host: 0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3a8adeb3c8b533fb24417c31a32d1f29258dc428512c0d7c509fe40a085cac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 07:17:18 GMT
date
Sat, 13 Jan 2024 07:17:18 GMT
x-content-type-options
nosniff
age
211203
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16596
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame 22CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuUdDtKiw8FDO3cAajJ6kY9zLWO-oEJdnUIBRcgKi4xXbRFKshyizxx9zY2qz1DNrc1g3iUwtGiFBO8HPHtpIsrn3j8J3mMbTPSkogPnsq-ZDBvKeA1MtrHHuG6KaheXreeTpw0UbLop1SHV_et_w69n2s8SP2COWs6uqM1NBwXZyO_hzi8iTWgz9ifXQdtcr3VYzcBEPfzII_Wn3WjQbwdWnRdk9GiQ8qM80xmbsfiyIeiK8O7v_a-5ockkHuLqNr8BRx0Y2YKrTV0zyuf9jY-s0wUdfw0qlwltcg80GQjI65K014xfGsciQAQw9miNBchjPg6Zs2_l1dQdlLcP2s8hUXbdZCFfMlXrAzEEd8yffBwjxHNqv_BCXTTVXpDSpa8sTVjHwX9gQaoXOJfEXuQTx3vZI5i2Xj1QXOXwkiKMlY4BmojiLRsAF5kPNWiT8y0qKaISrHhoYzPxBymV-tT2BP5XRtNWk5PIAh-NRPUw17CLAp7K9AMcqNB3Oa--lR02tv-cp8malMFLiU1lkt69IhhaT3likh-_1dqM_Qvhlqo74z8CK1SaYxQeQ03v70WOrDwzkYkiWTwwzWfRjlBsYf_7ZVGaKHFqLaSt0RwrpxcGJB-ZwIop-g97d_xjBFBx1LcHwiJFYN0R8BvT8rBRK2swfAQccTxtMv7FVSNsDE83CvuxyeE-_tl1hV8upntWbxstHfCv-DOm0FV9K33tQb3RqS-vsB17il0SPIldu5asAbGo7_OA68_CbMlV0EtzoHxsrpQ9CfrYctghxOWXD_1ZDHtB-vGc1K0KW2u2sLjIRmQMJ267GtyvP7iGmAgVe3t5GeG0gKnY5wdm4Z0IERZlgE04BeCzNdm0aBdwpaIzXT1nVIpWSXTN_7gUW8tPiFdiehQekW17xEw2YNaZ_qS7fUyNrjgK8R2QATVVHzdTvN0-gyNHF5BcODmhly433BAdbGvM6-dgCtfwXNqCXcJQ4WNmhUvnXFpfXSCNhlEILdYRhcO-1Ti_gCVF-TB9Eft1CbtnELrzAAxd4tro3ttD2HzEkaJfG3tDo1sM_vlv6D8Ekg9_KXKKDk97Yz95FWtn-lyqgCdB6BNHsSnwcsdzQGam8TupX2lSVQv8DixbBB1lPo1jp8ehQiqhven5iB6ZTJqDN2UJMhcR6UATYu217vXvQYpP9Nqkaf9q5dQ97PXS3Lo8pa5Fad_dxXyyMk5m1KM9EfypiWUsotunvKF9jz0E_HvhSPF7-rJ9iKyCbf8j0CksQUfEQhJRAVO6XKLgMOQjk6IxELjXZNXPnGd-Hg5__jgTr6FEQr18LCVE4uAcb3Vyblr03_KIDWl97MsLRoX-S_iORl75AQrg2e0zHvwOwr5zjPFjPWXMDBF2iO7YITvL6K7JP5-K1l4ovDnYr71P4VplQUahLyAQ&sai=AMfl-YSOICIzxxhHtyzEzWZRnP6Wg2iL0HyvHi54Zrm-jCLu2TsfP7W13mHuXtOCHbZEf-p4HDnTr8tpVNhkFV04h6Ev3YXEYR40sltsJJpN4XHXXPKdEECM3KwIwjD4OlEsA0k3T1hCb83PYaomzojUgVIgSvimxq8F1J3CzXFrMBYCdAcO8FLwMCr9vcYP3T_0ljmZg34I0tXaTy-3z3U4AXdcu9RCl4ZMzQQV7bhteOHe08qD6Vwz1Ui9bfOVm7hIAo9aU9I&sig=Cg0ArKJSzJl7hCPOs3NuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=723&vt=11&dtpt=385&dett=3&cstd=329&cisv=r20240109.70236&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ezgif.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
logo2dwhite.png
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/images/ Frame 4C0C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/images/logo2dwhite.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 07:59:02 GMT
date
Mon, 15 Jan 2024 07:59:02 GMT
x-content-type-options
nosniff
age
35899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5587
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sync.php
pixel.rubiconproject.com/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cairo-Bold.woff2
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/ Frame 4C0C 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/Cairo-Bold.woff2
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 14:44:19 GMT
date
Fri, 12 Jan 2024 14:44:19 GMT
x-content-type-options
nosniff
age
270782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35836
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
  • https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
86 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ezgif.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AcI4ehYWBxX3L0FCXnL2Y9WBcYZMHFbDSxYIBGJlvbnunCHYf2c3otxnCEPW0ZXze2hZw3NK7d4DyubCElW5jguYwP9ErAPysyC69tcuhuqNeunaRofX4UfytmyiFZ8khFAdgMyaeK7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
8460002a5a0d56c6-OSL
content-length
86
expires
0

Redirect headers

location
https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 22CA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3sGj2Ep0rZpAmls5PJBItUBCcoGrsEfjHXcj_fv28P0qFrg-4iD1D6tdDJSX5FHIH2T4pnz0ER9oTkcWMymMA0vEByNLQozJ8tJjgOFByaU0bvw99_Y1BB5tmZ4U-CgTSDiHiXWG_2OhEW0qJekReTO6f&sai=AMfl-YS_xhC0t9mpDbdCBbCvt6LuYDSocSIhQPEiByAp4enldl78ZmA9pUG3j-uAmPxd1fucZKXyYV24z2yRbmNsZfbg7M5QmNSNMTIyMGa4awzxsUEXFrOFfIV_D6-E&sig=Cg0ArKJSzKdlZHzPXm3HEAE&cid=CAQSPAAvHhf_O_MYOh0LBcKuLTTGQ-rTAmAWnO-Q2kzPz3dDK1Df3Y8PBuo6CFFMfpI2HogTRZ76SEor-ueiPxgB&id=lidar2&mcvt=1000&p=882,456,972,1184&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2638066804&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705341439832&rpt=842&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ap.lijit.com/beacon/prebid-server/ Frame 3D75 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ea9b4c460fe0ca12513bdb6b0e7eff77ea29080385b0f50bb188726a2d612565

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
752
Content-Type
text/html
Date
Mon, 15 Jan 2024 17:57:21 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1ams1
setuid
prebid-stag.setupad.net/ Frame 3D75 		0
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=H_yVpBZHWQWJzeE7RW-dyeUS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9zDRpGUNp5Y5ecOV0NOW98KRTJS%2F5%2B8E%2FDRoP%2Bx13NWqeCIpFEyAe8t4Ctb20%2BThES90GZCOtBJQCKYfycyjJlF3kZLn9eEmXLkvif3w2X2iQn%2FkwOfrA0PzXYVzOyMLRi8c88MZip7"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
cf-ray
8460002c1d6456c6-OSL
expires
0
merge
ce.lijit.com/ Frame 3D75
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5498199044226996140&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5498199044226996140&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
an-x-request-uuid
f782f2cc-29bc-4986-afe1-cc54eab4a3f5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=5498199044226996140&gdpr=0&gdpr_consent=
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 3D75
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=UMFZEbv5WVt4CAUhpzfDcLL_lKU&user_group=1&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&us_privacy=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=125f1bfd-f835-444f-aebb-fe39c951329f&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 15 Jan 2024 17:57:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 3D75
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=3762e2b2-c8d2-4517-94a5-8269976efe04
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=3762e2b2-c8d2-4517-94a5-8269976efe04
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:22 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=3762e2b2-c8d2-4517-94a5-8269976efe04
Date
Mon, 15 Jan 2024 17:57:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 3D75
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 20:42:27 GMT
x-content-type-options
nosniff
age
76495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 20:42:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 3D75
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=nexbIDoOEifh&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=nexbIDoOEifh&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
no-NO
location
https://ce.lijit.com/merge?pid=49&3pid=nexbIDoOEifh&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-2fvgp
expires
-1
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 3D75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 3D75
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Jan 2024 17:57:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D69 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172219
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:21 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 553F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172219
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 17:57:21 GMT
expires
Wed, 17 Jan 2024 17:47:40 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame E18A 		802 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7207dca973a26eccd7e3914c179a691c4eaa02edc57ae2a3ca1518ef4fd3c93b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
488
content-type
text/html
date
Mon, 15 Jan 2024 17:57:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame E18A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=7a48e85e-ea16-46a7-875c-75fac9448c40&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 17:57:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E18A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:21 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
us-u.openx.net/w/1.0/ Frame E18A
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329529895531335
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329529895531335
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329529895531335
Date
Mon, 15 Jan 2024 17:57:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame E18A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZaVyAgAOulAd4wBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaVyAgAOulAd4wBU&_test=ZaVyAgAOulAd4wBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaVyAgAOulAd4wBU&_test=ZaVyAgAOulAd4wBU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bma1656-BMA
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705341442.323586,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaVyAgAOulAd4wBU&_test=ZaVyAgAOulAd4wBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
eu-u.openx.net/w/1.0/ Frame E18A
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65A572004CAA5CE22765E121BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65A572004CAA5CE22765...
0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65A572004CAA5CE22765E121BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65A572004CAA5CE22765E121BLIS
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Accept
content-type
image/gif

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65A572004CAA5CE22765E121BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65A572004CAA5CE22765E121BLIS
date
Mon, 15 Jan 2024 17:57:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame E18A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHaGMwN0xTdVFBQUJRWnBaMlhhUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGhc07LSuQAABQZpZ2XaQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGhc07LSuQAABQZpZ2XaQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 17:57:21 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGhc07LSuQAABQZpZ2XaQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Date
Mon, 15 Jan 2024 17:57:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
current
openx2-match.dotomi.com/match/bounce/ Frame E18A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22CA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6951301137441&version=m202309260101&ct=119&x=1&cor=11887821453636248000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
cookies.nextmillmedia.com/ Frame A26B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
dcd992032d4fa261e69df1f527f37032277d07e8f2078b4abe374ac44879f791

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
3148
content-type
text/html
date
Mon, 15 Jan 2024 17:57:22 GMT
server
fasthttp
setuid
prebid-stag.setupad.net/ Frame 9865 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84600032a9de56c6-OSL
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqABppBLjJhQp67HMZzLftzxQoQWVK%2FAbgEGxCxMUpbFfDAcn9TK6apxrmXKv%2FLfnKEeQ%2BiC7%2F3BMfPpHkate1K%2BAaLiKrPNGLJTS6VJfaTRuQr6WYG9m%2Bf9M7SXmc7U51QIxa9zT8FA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
/
ssc-cms.33across.com/ps/ Frame F319 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

date
Mon, 15 Jan 2024 17:57:23 GMT
server
33XP003
x-33x-status
2000208
setuid
cookies.nextmillmedia.com/ Frame 1C04
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26g...
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

date
Mon, 15 Jan 2024 17:57:23 GMT
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 17:57:22 GMT
location
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
server
envoy
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 3E71
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=5498199044226996140
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5498199044226996140
86 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5498199044226996140
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5498199044226996140
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 1AFF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_con...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=125f1bfd-f835-444f-aebb-fe39c951329f
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=125f1bfd-f835-444f-aebb-fe39c951329f
86 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=125f1bfd-f835-444f-aebb-fe39c951329f
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=125f1bfd-f835-444f-aebb-fe39c951329f
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 8007
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=0&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=ZaVx-rC1Re9XqL1WAOmzmwAA%264418
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZaVx-rC1Re9XqL1WAOmzmwAA&4418
0
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZaVx-rC1Re9XqL1WAOmzmwAA&4418
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZaVx-rC1Re9XqL1WAOmzmwAA&4418
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 5A1D
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c&gdpr_consent=null&gdpr=0
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c
86 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=2d50a1a0-9f9e-4e06-810d-450430d1ce7c
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 438F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
0
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
server
fasthttp
ImgSync
image8.pubmatic.com/AdServer/ Frame A795 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
usync.html
eus.rubiconproject.com/ Frame 590B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 17:57:23 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame BFE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 15 Jan 2024 17:57:23 GMT
X-Sovrn-Pod
ad_ap1ams1
getuid
eb2.3lift.com/ Frame 0CC8 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
setuid
pbs.nextmillmedia.com/ Frame F3E3
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%...
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEpIiaa11SaoKNVWkSDn&gdpr=0&gdpr_consent=&us_privacy=
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEpIiaa11SaoKNVWkSDn
86 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEpIiaa11SaoKNVWkSDn
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.139.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-139-29.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Mon, 15 Jan 2024 17:57:23 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 17:57:23 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEpIiaa11SaoKNVWkSDn
server
fasthttp
usync.js
eus.rubiconproject.com/ Frame 590B 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:57:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39166
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:50:09 GMT
khaos.json
token.rubiconproject.com/ Frame 590B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
cm
u.openx.net/w/1.0/ Frame 7AD6 		1 KB
653 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
531542666aaa15f2b346f00a3ef5146390517298ab0959b496ef12b15dc0e101

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
634
content-type
text/html
date
Mon, 15 Jan 2024 17:57:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
prebid-stag.setupad.net/ Frame 7AD6 		0
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=openx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2f78b951-b93d-4f43-ab6c-034930ae719f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZBBNfRMYvcDQTOrkNH9ttCHr%2B0qqw2oyAJBuQSgtzhDifzkDrrOdIwpz7ikbp0aX5jVdGdmhahLcGre3%2BAf7kI8OdNZR4z8eo8XdfzkiaJQeXib%2F3KjvI2dRzeTtTZxBhnZyknPaHfx"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
cf-ray
84600036dbd656c6-OSL
expires
0
sd
us-u.openx.net/w/1.0/ Frame 7AD6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3897694967927432154&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3897694967927432154&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3897694967927432154&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
eu-u.openx.net/w/1.0/ Frame 7AD6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5498199044226996140
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5498199044226996140
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
an-x-request-uuid
c8dc9345-aad9-4765-8c9b-110ab34c48ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5498199044226996140
x-proxy-origin
178.255.148.165; 178.255.148.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7AD6 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7AD6
Redirect Chain
  • https://dsp-ap.eskimi.com/pixelGet?ex=14&gdpr=0&dest=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539901412%26val%3D%7Bdmp_id%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=58b904e2-0d8c-43c9-8dfb-e1db69915f8b&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=58b904e2-0d8c-43c9-8dfb-e1db69915f8b&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=58b904e2-0d8c-43c9-8dfb-e1db69915f8b&gdpr=0&gdpr_consent=
date
Mon, 15 Jan 2024 17:57:22 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 7AD6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=a49e1b87-15a1-4300-80a6-42101368b95b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=a49e1b87-15a1-4300-80a6-42101368b95b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=a49e1b87-15a1-4300-80a6-42101368b95b
Date
Mon, 15 Jan 2024 17:57:23 GMT
Connection
keep-alive
X-CI-RTID
34f2d51c-bb56-43fd-8b12-25a2e2e89a1a
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 7AD6
Redirect Chain
  • https://um.simpli.fi/ox_match/gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=24F7B71C835A4B7AB277CE997168A0F7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=24F7B71C835A4B7AB277CE997168A0F7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:57:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 17:57:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=24F7B71C835A4B7AB277CE997168A0F7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 Jan 2024 17:57:23 GMT
Cairo-Black.woff2
s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/ Frame 4C0C 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/Cairo-Black.woff2
Requested by
Host: ezgif.com
URL: https://ezgif.com/resize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16718324088024970577/roller-kwxx-728x90/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Mon, 13 Jan 2025 19:56:18 GMT
date
Sun, 14 Jan 2024 19:56:18 GMT
x-content-type-options
nosniff
age
79266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35908
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:12:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-stag.setupad.net
URL
https://prebid-stag.setupad.net/openrtb2/auction
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2e6b5195-7336-4572-839a-b7fc5c71c798&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECQlNODwKpjLawLYdf_qSgc&google_cver=1&google_push=AXcoOmQ-xi6KaMfDjjgKkGsMRdD1hAqVCrWiSvKH0-7A1on2JZr9zSkllANPCpclPvDdJTm1SOT_F4KtDdVUhR2rGGVrUYx6aWnZIw
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESECiNuryfQ4DiA-ayy148vps&google_cver=1&google_push=AXcoOmSgMgh3qUnSnDbrTSs7bOUXIz42I0iL46bxTw-ifASVRuxdc6kc6z-FLsstuoDpx4JY27o4w8rrBgF7QDhzSDkZ6LzBGA43xlQ

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 string| cmpid object| s object| s2 function| inView object| googletag number| dr function| sdr function| msb function| checkFS object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am function| __tcfapi function| findCMP function| _defineProperty object| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| stpdSource object| ADAGIO object| mnet string| clientContinent object| __stpdTags object| ggeac object| google_tag_data object| google_js_reporting_queue object| stpdCmpGlobals function| manualCmpPreview function| manualCmpResurface boolean| __bt_already_invoked undefined| google_measure_js_timing object| apstag object| aax function| stpdLog object| Criteo object| pbjs object| regeneratorRuntime object| ox_esp object| PGc7aE function| PGc7aI object| xop object| -1ckogwf91am8 object| -13orc76no5j4 object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_148 object| Criteo_identitytag_148 object| t75kOQ2 function| t75kOQ3 function| xblocker object| _aps boolean| apstagLOADED object| apscustom object| appH7j function| appH7H object| xblacklist object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| cnvr_launcher_options object| ID5 object| __id5_instances function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| conversant object| sas object| apntag object| _ADAGIO number| google_unique_id object| gaGlobal object| au object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| publink_options object| coreid boolean| DFPMessageEnabled object| ONFOCUS

141 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ1amV8tAxCgoIkQIQ1amV8tAxCgoItAIQ1amV8tAxCgoI5gEQ1amV8tAxCgoIhwIQ1amV8tAxCgoItwIQ1amV8tAxCgkIOhDVqZXy0DEKCgiMAhDVqZXy0DEKCQhfENWplfLQMQoJCB8Q1amV8tAx
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARD9FgoJCP____8HEIcX
i6.liadm.com/s Name: _li_ss
Value: CgA
ezgif.com/ Name: stpdOrigin
Value: {"origin":"direct"}
ezgif.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.lijit.com/ Name: ljt_reader
Value: H_yVpBZHWQWJzeE7RW-dyeUS
prebid.a-mo.net/ Name: _Amc_b
Value: 0
lwadm.com/ Name: uid
Value: 5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e
.criteo.com/ Name: uid
Value: 92ece2e7-18e6-408e-a1f0-a80829873903
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: c50a09c7-a925-435d-9a36-0bb4d5d280ef|1705341436
ads.us.e-planning.net/ Name: CT
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 322909=5805717
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24qo%3D5
.ezgif.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1705341437187,"lastSynced":1705341437187}
.e-planning.net/ Name: E
Value: AGBpJE/UlC/uyZTt
.smartadserver.com/ Name: pid
Value: 1632441555638621583
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24qo%3D5&c=1&l=819242284&lo=988266927&lt=638409382370774986&o=1
.rubiconproject.com/ Name: khaos
Value: LRF89E6I-1X-3IKJ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpIh+z43hpCnwH/zg6eyGA5WYtpZlqiAnzt6JhfSCgmATUigUaWjebU4c7Ced9uzU9IHHY/eKfzM4XkPdjTHC1fIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.ezgif.com/ Name: cto_bidid
Value: CF3hjl9GRzRRN0xSTyUyRlk5aVYlMkJoWUFuYXlWbjhMSFklMkJFVGxvSE5EV1lJY2tpNXpIdTlJNlZQY1JxQjZibDNicGhMWmJRNTNHSHFTb0dOZlc1WGo4NzJaanhOQSUzRCUzRA
.ezgif.com/ Name: cto_bundle
Value: Jdzacl9zOTk0Sjl5S1JvR2UxOUt3Q3pkamVlalFVNElSenI0cTk1bUpnNHVYNHA0bWIlMkJiVVpHZnQ3cXJRZTF1UjdodXJGMmttdEVLNlRWUTNOTkFUcUtONTYxa0Z3VTFHWjViUXRsbmQyN0FCMnNBZnJIZnpVOURGdUZBdlk4TEdqMWJKbXJUMEtya2FUZXZXUGtlRnBzVE00ZyUzRCUzRA
.adnxs.com/ Name: uuid2
Value: 5498199044226996140
.gumgum.com/ Name: vst
Value: e_2e6b5195-7336-4572-839a-b7fc5c71c798
.bidswitch.net/ Name: c
Value: 1705341437
.bidswitch.net/ Name: tuuid_lu
Value: 1705341437
.bidswitch.net/ Name: tuuid
Value: 125f1bfd-f835-444f-aebb-fe39c951329f
.adform.net/ Name: C
Value: 1
.go.sonobi.com/ Name: __uis
Value: 4cc43bb9-d7a1-4440-ab6b-aa41b31e8b82
.go.sonobi.com/ Name: HAPLB8G
Value: s85104|ZaVyA
.turn.com/ Name: uid
Value: 3897694967927432154
.adform.net/ Name: uid
Value: 1325312571758247641
.creativecdn.com/ Name: u
Value: fNXD3pLgkjFq4W2jAMpJ
.creativecdn.com/ Name: g
Value: fNXD3pLgkjFq4W2jAMpJ_1705341437628
.contextweb.com/ Name: V
Value: nexbIDoOEifh
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 86db9b5b918923d3
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-50c15911-bbf9-595b-7808-0521a737c370.SR71NWyMPMJY5xqL0HAh99YERBclm4Qh50uaLTRUyeE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-50c15911-bbf9-595b-7808-0521a737c370.SR71NWyMPMJY5xqL0HAh99YERBclm4Qh50uaLTRUyeE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUMFZEbv5WVt4CAUhpzfDcLL_lKU.XSRtuE2b7fvCxkk51H4sBx1epkaovSPFUJCQeyUauuI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUMFZEbv5WVt4CAUhpzfDcLL_lKU.XSRtuE2b7fvCxkk51H4sBx1epkaovSPFUJCQeyUauuI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEAyPyANCj63MSdBFD5dWOk2qrSTA8uUOBFED3aJBWKnEHwYBCD945WtBjABOgRvD7diQgQ9DETn.N3K3N%2FfufjyZgwmY3J58R%2FdDc1nbkGbeAG3pfoQnGdg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEAyPyANCj63MSdBFD5dWOk2qrSTA8uUOBFED3aJBWKnEHwYBCD945WtBjABOgRvD7diQgQ9DETn.N3K3N%2FfufjyZgwmY3J58R%2FdDc1nbkGbeAG3pfoQnGdg
.ipredictive.com/ Name: cu
Value: a49e1b87-15a1-4300-80a6-42101368b95b|1705341437968
.doubleclick.net/ Name: IDE
Value: AHWqTUnAjryUfXzWfnptupxY5ODMEQpntRin-ue0gKO75exW6Y85mAKJjt5JDznQlKg
.ezgif.com/ Name: __gads
Value: ID=a02bb1ffa8c4684c:T=1705341437:RT=1705341437:S=ALNI_MbWZMqFAhyQtkO2MZk3Xzuq4xBuRw
.ezgif.com/ Name: __gpi
Value: UID=00000d41d1eae43c:T=1705341437:RT=1705341437:S=ALNI_MYlB0tfLtc7Yg3RXPV5tQ4bZTJ2AQ
.amazon-adsystem.com/ Name: ad-id
Value: AzXlL352xUD8uJFbHWeUKhM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 2_1705341436_1705341438
.adnxs.com/ Name: icu
Value: ChgIuJJ8EAoYAiACKAIw_uOVrQY4AkACSAIQ_uOVrQYYAQ..
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6e6f60e8-35a0-40b1-a582-c5da107844cb-003%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D%22%2C%22zdxidn%22%3A%222069.5%22%7D
.casalemedia.com/ Name: CMID
Value: ZaVx-rC1Re9XqL1WAOmzmwAA
.casalemedia.com/ Name: CMPS
Value: 4418
.casalemedia.com/ Name: CMPRO
Value: 4418
.smaato.net/ Name: SCM
Value: 9c2c41f135
.smaato.net/ Name: SCMaps
Value: 9c2c41f135
.mediago.io/ Name: __mguid_
Value: acc8ce73d6e9cdf52605c500lrf89fsl
.media.net/ Name: visitor-id
Value: 3483430399418141000V10
.3lift.com/ Name: tluid
Value: 1848106323789703712951
.yieldmo.com/ Name: yieldmo_id
Value: VEpIiaa11SaoKNVWkSDn%7C1705276800000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1185104%7Ct%3D1185104%7Cpub%3D1185104%7Cdv360%3D1185104%7Can%3D1185104
.360yield.com/ Name: tuuid
Value: fc2aff31-9c4a-4e3f-a561-5b4152c50304
.360yield.com/ Name: tuuid_lu
Value: 1705341439
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAGhc07LSuQAABQZpZ2XaQ
.sitescout.com/ Name: ssi
Value: 643f45c5-3ac6-4200-bac6-117cfb4e4b15#1705341439399
.acuityplatform.com/ Name: auid
Value: 877233762466
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGQ0hUcJCYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRkNIVHCQj3RoaXJkUGFydHlVc2VySWRXSF95VnBCWkhXUVdKemVFN1JXLWR5ZVVT+/uGdmVyc2lvbsL7
.quantserve.com/ Name: mc
Value: 65a571ff-7f244-03650-9bc84
.csync.loopme.me/ Name: viewer_token
Value: 2d50a1a0-9f9e-4e06-810d-450430d1ce7c
.company-target.com/ Name: tuuid
Value: 70e56c33-9a17-47db-8b6d-6ec4ee1cf463
.company-target.com/ Name: tuuid_lu
Value: 1705341439|ix:0
.adx.opera.com/ Name: UID
Value: OPU808a358805d44a548b9bb717fd8a65a8
.ads.stickyadstv.com/ Name: UID
Value: 217c45e5efde5db4a7fc43cb461111f
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZaVx_rC1Re9XqL1WAOmzmwAAEUIAAAIB
.lijit.com/ Name: _ljtrtb_85
Value: AAGhc07LSuQAABQZpZ2XaQ
.lijit.com/ Name: _ljtrtb_103
Value: OPU808a358805d44a548b9bb717fd8a65a8
.tapad.com/ Name: TapAd_TS
Value: 1705341439807
.tapad.com/ Name: TapAd_DID
Value: 1ddb845b-965d-4bdc-8fa7-874217dffc16
.ads.yieldmo.com/ Name: ptran
Value: 5498199044226996140
.de17a.com/ Name: guid
Value: 1.2562805747711983224
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.imrworldwide.com/ Name: IMRID
Value: 86f61361-b3cf-11ee-a44f-7391253cd60a
.liadm.com/ Name: lidid
Value: af42ba11-7979-4935-a568-a69523cf6237
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: yuidss
Value: 9612746511705341439
.yandex.ru/ Name: yandexuid
Value: 9612746511705341439
.linkedin.com/ Name: bcookie
Value: "v=2&5c81a86e-25ca-4692-881c-64f24a85facd"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDUzNDE0Mzk7MjswMjFCsachjtL1V2Xz2fwsezB3AwyjhOQcReEOfiiqcZhVqA==
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2940:u=1:x=1:i=1705341439:t=1705427839:v=2:sig=AQFE1XJPxja1SbUU0cE-407j2Y_3rTFB"
.creative-serving.com/ Name: tuuid
Value: ad043c2e-bb10-4580-ae2f-ff79fc664b34
.creative-serving.com/ Name: c
Value: 1705341440
.creative-serving.com/ Name: tuuid_lu
Value: 1705341440
.doubleclick.net/ Name: APC
Value: AfxxVi6Xifv0KG9Juph9UVVfzVqfNb6AB4TyI0N7qqySbBUXI7SFLA
m.exactag.com/ Name: exactag_new_gk
Value: c903d45f22d44fdea7c7ecfddd62430c%7C15.03.2024%2017%3A57%3A20
m.exactag.com/ Name: exactag_new_uk
Value: f0bedf85b6f34964952759aeaefa6ab3%7c
m.exactag.com/ Name: session_session
Value: 461c15eb2b684c7991a21ff8
.yahoo.com/ Name: A3
Value: d=AQABBABypWUCEGQGVfMC6he_YAB8vJq_DkUFEgEBAQHDpmWvZQAAAAAA_eMAAA&S=AQAAAi1Q1hclaZyc-Tyik_HfIZQ
lwadm.com/ Name: uidum
Value: 5b7c26e3-7b76-48cc-82bb-d00f99f6dc7e
lwadm.com/ Name: um
Value: EjgKEgmwYEPBL%2F%2BeSBGwhr42zQl9qxIiChMxMzI1MzEyNTcxNzU4MjQ3NjQxEgsIyqD1v67%2FyjwQBRI4ChIJVFhIA%2BJa1UMRjV3P6bEqwIwSIgoTNTQ5ODE5OTA0NDIyNjk5NjE0MBILCIKxhMCu%2F8o8EAUSSQoSCY9O24lb6EtPEbeiZVVAOMdsEjMKJGZjMmFmZjMxLTljNGEtNGUzZi1hNTYxLTViNDE1MmM1MDMwNBILCKb8ncCu%2F8o8EAU%3D
.quantserve.com/ Name: d
Value: ECUBGQH0KoqsMM2MgQqPoQA
.creativecdn.com/ Name: ts
Value: 1705341440
.blismedia.com/ Name: b
Value: 65A572004CAA5CE22765E121BLIS
.audrte.com/ Name: arcki2
Value: edhygxuYtI4SrqOUqE2BvG1Gg!20220908!1705341440984!ip#178.255.148.165
.audrte.com/ Name: arcki2_ddp2
Value: edhygxuYtI4SrqOUqE2BvG1Gg!20220908!1705341441137
.admanmedia.com/ Name: admtr
Value: 9739865c-41f0-4758-8d7a-571ced2f6a59
.admanmedia.com/ Name: ac_r
Value: CS159
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2HaPDjH?t!@wnf-Te9(SNOfY2^u31Es^YcD?)'aGm1D#D?3YjGn6txFpk)Guln^s5D8-cP)j.gAQ8>x
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxODQ4MTA2MzIzNzg5NzAzNzEyOTUxIiwiZXhwaXJlcyI6IjIwMjQtMDQtMTRUMTc6NTc6MjFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMTVUMTc6NTc6MjFaIn0=
.audrte.com/ Name: arcki2_adform
Value: 1325312571758247641!20220908!1705341441298
.smartadserver.com/ Name: csync
Value: 80:eGESv3llFexjYxW4emBeun1iRrpjbRHpdmCA8jFq|141:edhygxuYtI4SrqOUqE2BvG1Gg
.audrte.com/ Name: arcki2_smart
Value: 1632441555638621583!20220908!1705341441499
.lijit.com/ Name: ljtrtbexp
Value: eJxdjLkRgDAMBHtR7MCS9dIaQ%2B8GzAwc4d6zO7nTxtHdjPvIRsEvKzc6Uxzoj2MJrNTlOlRVrEQl8kkSpVrIaejMwF4Gsi2fjVS%2Fe0cu%2Be6PCVoBLSg%3D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p50|3oy.0.643f45c5-3ac6-4200-bac6-117cfb4e4b15-65a571ff-4e4f|4is.0.CAESENi3ZF0H_kRYrFL2Zvy_hkA|7bq.0.1|7dW.0.1
.lijit.com/ Name: _ljtrtb_92
Value: 5498199044226996140
.lijit.com/ Name: _ljtrtb_49
Value: nexbIDoOEifh
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTcwNTM0MTQ0MDQ4OCwiMjciOjE3MDUzNDE0Mzk0NzAsIjM5IjoxNzA1MzQxNDM5NDcwLCIxNyI6MTcwNTM0MTQ0MjAzNiwiNyI6MTcwNTM0MTQzOTQ3MH0
.lijit.com/ Name: _ljtrtb_76
Value: 7a48e85e-ea16-46a7-875c-75fac9448c40
.lijit.com/ Name: ljtrtb
Value: eJwNzEELwjAMhuH%2F0rOFtiZN4m2iiCDMIYLslnYd86JeBEH87%2Bb6Ph%2Ff18WwdhvXn68cWNfIHHACUAQuUgpFmifWjMpu5UBs%2Bmifctw9%2B%2F19XqxJsoYgHEUCQEpZJEcIRoxGXXdYaqDT5T103XYYX2O66WBK2ZQUuDE23zRmD1nJM2H1hLNWAeBqT78%2FgyIprg%3D%3D
.lijit.com/ Name: _ljtrtb_26
Value: 125f1bfd-f835-444f-aebb-fe39c951329f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaVyAgAOulAd4wBU
.mfadsrvr.com/ Name: tuuid
Value: 3762e2b2-c8d2-4517-94a5-8269976efe04
.mfadsrvr.com/ Name: c
Value: 1705341442
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705341442
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vFyGtobmBqbGJoYmJkbGEIADWYKU4QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srSwNDU1BvJMhfgMdZNT_IxcPTPT3dwyAwAdFL28JQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srSwNDU1BvJMhfgMdZNT_IxcPTPT3dwyAwAdFL28JQAAAA
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1705341442
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_c40685be-4c30-4a4a-b9a6-82aa51e83b8d
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"loopme":1}
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJsb29wbWUiOnsidWlkIjoiMmQ1MGExYTAtOWY5ZS00ZTA2LTgxMGQtNDUwNDMwZDFjZTdjIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjlUMTc6NTc6MjMuNTI3OTQ2NjA5WiJ9fX0=
.openx.net/ Name: pd
Value: v2|1705341438.2.1.2|iyvQvNgun0.gqwksLmOgewL.j8fcvSiSsfns.mWgmmuwEgiw9
.adnxs.com/ Name: XANDR_PANID
Value: pRyZVpKOM-VkQ_G20YSyIPylsB4bpP_shrm3h5Af0G0qtHP1N_4fn7nsr90TY-0jv9L_DcVHvxV2WgPFg7GOa_zavht5KwcM2NNJPMqDjuU.
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMTMyNTMxMjU3MTc1ODI0NzY0MSIsImV4cGlyZXMiOiIyMDI0LTAxLTI5VDE3OjU3OjE5LjkyNTI1ODA2WiJ9LCJlcGxhbm5pbmciOnsidWlkIjoiQUdCcEpFL1VsQy91eVpUdCIsImV4cGlyZXMiOiIyMDI0LTAxLTI5VDE3OjU3OjE3LjI1MDA1NDE1MloifSwiaXgiOnsidWlkIjoiWmFWeC1yQzFSZTlYcUwxV0FPbXptd0FBXHUwMDI2NDQxOCIsImV4cGlyZXMiOiIyMDI0LTAxLTI5VDE3OjU3OjIwLjUxNjg5NzMyOVoifSwibWVkaWFuZXQiOnsidWlkIjoiMDAwMEVFQSIsImV4cGlyZXMiOiIyMDI0LTAxLTI5VDE3OjU3OjE4LjkxMjgyOTI0M1oifSwib3BlbngiOnsidWlkIjoiMmY3OGI5NTEtYjkzZC00ZjQzLWFiNmMtMDM0OTMwYWU3MTlmIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjlUMTc6NTc6MjMuNzU1NjM5NDM4WiJ9LCJzbWFydGFkc2VydmVyIjp7InVpZCI6IjE2MzI0NDE1NTU2Mzg2MjE1ODMiLCJleHBpcmVzIjoiMjAyNC0wMS0yOVQxNzo1NzoxOC40NjMyNzI2MzFaIn0sInNvdnJuIjp7InVpZCI6IkhfeVZwQlpIV1FXSnplRTdSVy1keWVVUyIsImV4cGlyZXMiOiIyMDI0LTAxLTI5VDE3OjU3OjIxLjk3NDIzMDY2MloifX19
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 58b904e2-0d8c-43c9-8dfb-e1db69915f8b
.simpli.fi/ Name: suid
Value: 24F7B71C835A4B7AB277CE997168A0F7

6 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESECiNuryfQ4DiA-ayy148vps&google_cver=1&google_push=AXcoOmSgMgh3qUnSnDbrTSs7bOUXIz42I0iL46bxTw-ifASVRuxdc6kc6z-FLsstuoDpx4JY27o4w8rrBgF7QDhzSDkZ6LzBGA43xlQ
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=92ece2e7-18e6-408e-a1f0-a80829873903&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0beebb6da25970e5639bdce780c621ba.safeframe.googlesyndication.com
1x1.a-mo.net
a.ad.gt
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.creative-serving.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yieldmo.com
adx.adform.net
amazon-tam-match.dotomi.com
an.yandex.ru
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.setupcmp.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
cookies.nextmillmedia.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp-ap.eskimi.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ezgif.com
fastlane.rubiconproject.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lwadm.com
m.exactag.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
pbs.nextmillmedia.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
r.turn.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync-amz.ads.yieldmo.com
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace-eu.mediago.io
trace.mediago.io
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.google.com
www.googletagservices.com
x.bidswitch.net
b1sync.zemanta.com
prebid-stag.setupad.net
sync-dmp.aura-dsp.com
sync.adotmob.com
104.18.36.155
104.18.38.76
124.146.153.161
13.32.119.77
130.211.23.194
142.250.184.198
142.250.185.66
145.40.97.67
151.101.66.49
154.59.122.79
159.89.25.223
162.19.138.119
162.19.138.120
164.132.25.180
169.197.150.8
172.67.68.162
173.231.180.197
178.128.135.204
178.250.1.6
178.250.1.9
18.158.135.126
18.159.21.114
18.193.197.239
18.66.147.119
184.30.22.30
184.30.24.22
185.184.8.90
185.64.189.112
185.64.190.79
185.86.138.32
193.0.160.130
193.3.178.3
193.3.178.4
198.47.127.19
198.47.127.205
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.166
213.202.235.10
216.52.2.16
216.52.2.91
216.58.212.162
23.205.176.78
23.212.211.47
23.212.88.20
23.218.208.200
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb
2600:9000:211e:7200:1b:5138:8a40:93a1
2600:9000:223c:2800:1e:a43d:b640:93a1
2600:9000:223c:4400:10:dd8:5e40:93a1
2600:9000:2250:7200:a:e047:753:a221
2602:803:c003:200::91
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:4bd8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:346
2606:4700:20::681a:406
2606:4700:20::ac43:4bf1
2606:4700:4400::6812:22b2
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:1f31
2607:ae80:192:1::173
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:809::2001
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a01:4f8:251:590b::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:6b8::90
2a02:fa8:8806:21::1690
2a02:fa8:8806:21::1780
2a05:d018:d29:3601:3295:f713:9e96:927c
3.160.179.133
3.217.158.231
3.228.139.29
3.71.149.231
34.102.146.192
34.111.113.62
34.120.107.143
34.203.113.223
34.252.224.169
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
35.158.151.55
35.158.87.169
35.186.201.99
35.186.253.211
35.204.74.118
35.208.249.213
35.210.239.72
35.214.147.28
35.214.168.80
35.244.159.8
37.157.2.229
37.157.4.29
37.157.5.84
37.252.171.149
46.228.174.117
5.135.209.105
51.38.120.206
52.19.9.47
52.209.229.149
52.210.15.1
52.211.238.11
52.213.174.136
52.223.40.198
52.28.33.173
52.46.155.104
52.59.109.187
52.72.177.11
54.145.121.220
54.154.148.20
54.167.245.43
54.170.29.7
54.210.237.164
54.72.115.20
65.9.66.104
67.202.105.21
67.220.226.238
69.173.144.138
69.173.144.165
76.223.111.18
80.77.87.161
82.145.213.8
98.98.134.243
99.80.15.151
99.86.4.71
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05f4661e88a147faa79c95c32dd24d078dea2759dfe0ddb80810088ec8bf084b
062ae97c3beccec19d98bd998586b18af77b7f2868d3c1d1b18a01290dc6e75a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a301f1f7c6a44809d4c4d29d527211afca4d3cd5aafa9035e859c1fb126d6fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
0d557f93bcc7decdbdd71a4dc3dc5bb920fce903721f4e9a5897aadaea67e0f9
0d9fda10530e0acec820b91e741136ff6ba5d24dc74a37220a8236a254a04fb2
13f520c00ebaaf005abbdeb0ea193e920c8bfef59aeb7bebd34442061473d018
14c0549120ebd90e7f7db3f13cb47dacb1c741c196885c31a0812f42cf41339f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17f56eafd0dfef56849ee0d63de990051f9a9092668781b4841b756d778ef6e7
1b287c2726d63d59e8c112eb40dd6839ca6fda17dbdddb656215b20564cbc02e
1b3ec5fbc3c013156f1fc01e274f6952afdfbb21f7dfc1843736f9a17555d503
1d4ddf14d9c8ebe35fd992eb7e975d0e4928c67704fddbaf38a2da265533f0c5
2105351e834119dcaa072974baaae3975f636cbb2619c466fb612af01c96c279
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
243ed9d04bf5e8260623fe86d0f1ee1c2e9636c94092fc60af190273f54cd8f8
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
29f9f0905cba1e46be98c773f3b3034fe61eb50c352945a8297d227314c64743
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30bf16a1d7080c3ed5683222d602081fe7332dc955ff31ab9b321e05276711b1
30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332233ce0886ab37a701247c9121ae1f9fd0f3436dca93a93ecdc6259bd7adf8
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
360cd718009b9e356e27bb0c26e48943a808a57df9f9d1672650a2dcd0867c26
361c3fe3c11a0fa81580e46d1b6928419bc5871c9416167baab060c0d341934d
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d49ae8fb5513116d0f019c5e73e2326eac2d5e3792978cff0ff2f53ec2fe793
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
433cf2eee345703953bc345e124303126e22c0d491dee78d088df92d24532861
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4461d390ea72aac9e612f5190279550e883baf8f310b8ee9b9d0c8c1f5b319a6
44774be891c56e74c47471b718cc0846c3549496c82a9cda4ec4b47ccc325e35
44c62872d67e91415d562db69e868bb87f622a773f457f41f802b35b24c7d354
4686a917704d0e517dfe1c74138f2ebf2359b04d65570d55f566ca441a0c5590
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490370127d101b2460b3deeafd009fcd3242559e64046ecdf90b9c12be8599c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
531542666aaa15f2b346f00a3ef5146390517298ab0959b496ef12b15dc0e101
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
5beff48c3e7ba95facb73df023f25aa3ae9ac86b7d1ec3ae1cffce9c38f19a6e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
6004f629a46b665beb343646c65879a5a9f8c05d9db3b94664c04b35a2a0a677
60a7c0a991f3e79413e8a915f5803562fc0490e6cac0d1af75f1815e625242ac
61e5e897a116b6d8c2416a4f1d8b3df0242f19247fa52a1f0fbc27bd31d5d8fd
664b303922196881921c64236f7f42d005d0aa206f35e2499b4864f0dbab80a2
67d7cb7afb56ee620a4d283d05f216bb372a23a664fa226619bedf684614ea22
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd750a21e87d257c684b6dc6efe45d7171386fc4e61bcd7816ae2fb12b6558d
707009ebd075843a10654a31e762b04823c8a284b4db20c3136fdacad35b4546
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7207dca973a26eccd7e3914c179a691c4eaa02edc57ae2a3ca1518ef4fd3c93b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
747411abbe7d509e2efa5eaf329ca51af21c78d55bf56c92e3676726fe7f68c2
75a57f1b22c392dfe14def03fab16a60f71bce4890f7e8aead7a1a8998d6aca6
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
8091f1ff2ac817adced3c0a3f7dc8da9b593d08756e3f5ab911d2fc8cfb0f7d1
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
86aa467317b27a01b7aaece3f8bf59634ded800a9a6bcfbfcf28e6079e03a437
87e16d2d6e3c836493cc8aca5fbb2f55c140a07bfb0ff2a9bc7425d42cd3e197
87ffd0c70b8d940c922a0106649b0327bb601eaa353b44e53d29069a9377659f
89f04c750cd4ab9fbf62bdbda5bb0a13491ed743708400e5db579a78f85d0d6e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
8cb7d14099073c15f077595ce8e7305944aadb3f96fe6bddb253e93159b3ba02
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eaade8a743abfb485ffe5f9b8a1b0399614fb92284eb5439e42886e0761cdb1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92da394ece2be5a561fb5ae2d3d175269c29ebb089fce1c88dfbcfc4030e7b20
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
940237e5b80c927a656ad2ac73211077ac8fa628d5d07583ed42e911c2c140a8
97b4d981be00086d5db9b0ca2a64dc60c3ee5e96e9235d2d6136968579b19cd4
97ce414bf04f8d3b1cbc25b7643625c954e7403f2d923a8fd7c2991a9552bae3
989dea90c47659a4256d2bb0a90697f1fa986287ffd6b763cf69a2d3c81d75aa
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b67c725ada249dd6e34571e4feb9b914d39a28356c376107b6ec07bc835c27b
9de63788976a6a3b3b75906d3cec42bcb25260d71199ab4826562c95e6db369f
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a28eb32e6fa8bdd93165a7248a090b2cd79f68df7f96c7b86ccf002da23ea92c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a5caa961515d26e451f40590000f258c465f2b17213a5eda0f627cb28a9df0
a7fa873458137fd66a27732ec9e5c389951578cc6a7ede6a0248431e1ebfb43c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49491dbfb4389e83afc2993ae4e7768a78dc4cd54feef10b885d2378d5db142
b49e35933fc7f3d13f0588ff34693b776544803689019e72d5b996bf711f9aeb
b5b2714d1c077d91ddd332573d305b21bd86a519ba0f3177b93f894e4c103cbe
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c1afda4e5ec51de511946228d2ff2f6ed95fd06cf8111b6025ab545bd7837c2e
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27414876349712983df81fb135ebf1c414976dde4a0e75d658e69f9dde06728
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c341e3b617ce3817b7fd4594439fe79c3670a664ef6593eb45ac89f8ea8ab160
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c853c08095e97fe82b720c113f308201e0071c3ab557f67746f3dbc305a02b2e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc3b04e00cede182123138355e4659b44ea24ad4a89243615203533591cedc61
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d112de6466ef345fbad5d15bd8cc6c5504261a96e8784a3543d108090ee8af44
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d518ca0f9654ae293dea7463ea9eff24ec9fc04f66d0d9af59bd497920235617
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d59823011623cf1f81ad963e70a691069c3ffc58c0ed9d31fedbf6f79605e48d
d66009f5a56d394f018691959e8ff472b757957713d287c56e29e643410edabf
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98d8b4a70e98068a431ae38d8d5c371518ac3591026f3339b3ba43af286c20d
dba94ce0bf3ae84f4ffd077c9b2837406696029c4eb4cf2f96b167457046047f
dcd992032d4fa261e69df1f527f37032277d07e8f2078b4abe374ac44879f791
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df8b0d1037f7c4e6ded5a2a96fd4bce4a82d5515d4113692314c4cd6da2bb068
e03da011f39a1f7bb67b68ef630b7b7c0cc35cf127b9988b7844a4da1dacd6ba
e0e5d050b5eb93e68bab974acc92f66a81c6f9b029aa39841711ee81c34fb62d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3a8adeb3c8b533fb24417c31a32d1f29258dc428512c0d7c509fe40a085cac2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4752360b99e45da59742aea69b7a6999f4878e460df21f0c4182d2c6bfe62e0
e4830db81d44f21f3fd7589c56fff1dcc4fb917affb4a8aa0a71f4d0b8f6c1df
e543eefd74772c24cb757bfecd6dc37f4d5c5dcb24858d91d72fbc891cf5d11d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea72d881287433899ca7ef3154c0acf7786c7d7b8de521679ce4414b9a0b47aa
ea9b4c460fe0ca12513bdb6b0e7eff77ea29080385b0f50bb188726a2d612565
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb737625065c520f706e862a8c734b60b35fdd73eb0ddb909fc9b8fca074e391
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec33b27f521aa469b8648d182fff1ca281b398927ea04f64fba6937044d9ed21
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42bb60626379f6947b62f9bd73ee1cb85c753c2e7d6c3fcb436a4e0dd77ed39
f4fc394c8bd8b1b275243e4f2a83ed011200e02e0c35ec1942f540f82d7dc4c7
fba971016483d2b3a3a0fa8ce940ccb0257bb2521abb9301633289d454479969
fc56acc9f58e078d6b386029ebb12a9555e83e5a8d4c16976a28e145eb33291c
fef21a7ecb523072d65d5d653f70a31a17f779403d863ca6f317cb15a7b06490