www.urbandictionary.com Open in urlscan Pro
2a04:4e42:200::425 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://urbandictionary.com/
Effective URL:
https://www.urbandictionary.com/
Submission: On December 27 via api (December 27th 2021, 1:26:41 am UTC) from SG — Scanned from DE

Summary HTTP 535 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 106 IPs in 12 countries across 89 domains to perform 535 HTTP transactions. The main IP is 2a04:4e42:200::425, located in United States and belongs to FASTLY, US. The main domain is www.urbandictionary.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on March 22nd 2021. Valid for: a year.

This is the only time www.urbandictionary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a04:4e42:a00... 2a04:4e42:a00::207	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::425	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	34.107.179.104 34.107.179.104	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:678	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
5	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:303... 2606:4700:3039::6815:c076	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.23.99 35.190.23.99	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:d400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4019:80c::2013	15169 (GOOGLE) (GOOGLE)
2	199.232.198.2 199.232.198.2	54113 (FASTLY) (FASTLY)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b110:c4cb:f288:bc78:c53b	14618 (AMAZON-AES) (AMAZON-AES)
1	34.238.14.155 34.238.14.155	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	54.81.54.221 54.81.54.221	14618 (AMAZON-AES) (AMAZON-AES)
1	23.20.7.162 23.20.7.162	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
15	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
5	35.157.51.51 35.157.51.51	16509 (AMAZON-02) (AMAZON-02)
17	165.227.252.242 165.227.252.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c001... 2602:803:c001::200:194	26667 (RUBICONPR...) (RUBICONPROJECT)
5	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
8 27	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2 10	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
9	18.184.69.62 18.184.69.62	16509 (AMAZON-02) (AMAZON-02)
5	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.89 2.16.186.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
13 40	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
9 60	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
10	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 12	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
29 43	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 6	2a05:d018:d29... 2a05:d018:d29:3605:15eb:8f8e:fe0:229e	16509 (AMAZON-02) (AMAZON-02)
5	18.197.42.49 18.197.42.49	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8 16	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
4 4	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3 6	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 16	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 4	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
12	13.32.27.72 13.32.27.72	16509 (AMAZON-02) (AMAZON-02)
9	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	18.159.117.129 18.159.117.129	16509 (AMAZON-02) (AMAZON-02)
18	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	185.170.61.202 185.170.61.202	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	52.16.124.238 52.16.124.238	16509 (AMAZON-02) (AMAZON-02)
6	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	54.175.36.162 54.175.36.162	14618 (AMAZON-AES) (AMAZON-AES)
2 2	44.193.191.16 44.193.191.16	14618 (AMAZON-AES) (AMAZON-AES)
6 7	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3039::6815:c079	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.197.43.243 34.197.43.243	14618 (AMAZON-AES) (AMAZON-AES)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
39	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
9 9	18.192.154.98 18.192.154.98	16509 (AMAZON-02) (AMAZON-02)
5 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.86.156.15 52.86.156.15	14618 (AMAZON-AES) (AMAZON-AES)
4	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
6	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 2	54.77.6.213 54.77.6.213	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	35.156.3.27 35.156.3.27	16509 (AMAZON-02) (AMAZON-02)
1 1	34.199.172.6 34.199.172.6	14618 (AMAZON-AES) (AMAZON-AES)
3 3	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.119.178 52.95.119.178	16509 (AMAZON-02) (AMAZON-02)
1	54.172.254.117 54.172.254.117	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.55.197.144 13.55.197.144	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 5	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 5	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
3	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.209.94 143.204.209.94	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	3.248.87.88 3.248.87.88	16509 (AMAZON-02) (AMAZON-02)
535	106

1 2a04:4e42:a00::207 (United States) 1 redirects

ASN54113 (FASTLY, US)

urbandictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::425 (United States)

ASN54113 (FASTLY, US)

www.urbandictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.179.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.179.107.34.bc.googleusercontent.com

g.udimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:678 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c076 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

urbandictionary-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.23.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.23.190.35.bc.googleusercontent.com

click.udimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:d400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:80c::2013 (Ireland)

ASN15169 (GOOGLE, US)

api.urbandictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.198.2 (United States)

ASN54113 (FASTLY, US)

media.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:c4cb:f288:bc78:c53b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.14.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-14-155.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.54.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-54-221.compute-1.amazonaws.com

px.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.7.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-7-162.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.51.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 165.227.252.242 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c001::200:194 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 185.33.221.15 (Amsterdam, Netherlands) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.184.69.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-89.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2.18.234.21 (Frankfurt am Main, Germany) 13 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 134.209.131.220 (North Bergen, United States) 4 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 76.223.111.18 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.163.6 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 142.250.186.130 (United States) 29 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a05:d018:d29:3605:15eb:8f8e:fe0:229e (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.42.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.46.130.91 (Ashburn, United States) 8 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.63 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.24 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.29.134.244 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.236 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.22.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 159.122.14.34 (United States) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.27.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-72.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.159.117.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.61.202 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5261.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.124.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-124-238.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.36.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-36-162.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.191.16 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c079 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.43.243 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-43-243.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.35.65 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.192.154.98 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-154-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.156.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-156-15.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.63.116 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.6.213 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-6-213.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

triplelift-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.3.27 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-3-27.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.172.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.197.61 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.119.178 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.254.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-254-117.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.55.197.144 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-197-144.ap-southeast-2.compute.amazonaws.com

sasinator.realestate.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland) 2 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-94.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	3lift.com 9 redirects tlx.3lift.com eb2.3lift.com ib.3lift.com	296 KB
63	adform.net 3 redirects c1.adform.net track.adform.net s1.adform.net	505 KB
61	doubleclick.net 29 redirects ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	183 KB
38	casalemedia.com 13 redirects htlb.casalemedia.com ssum-sec.casalemedia.com a5261.casalemedia.com dsum-sec.casalemedia.com	41 KB
32	adnxs.com 8 redirects ib.adnxs.com acdn.adnxs.com	104 KB
28	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com t.pubmatic.com simage4.pubmatic.com	181 KB
27	rubiconproject.com 7 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com	62 KB
22	mathtag.com 4 redirects sync.mathtag.com tags.mathtag.com pixel.mathtag.com	14 KB
21	googlesyndication.com pagead2.googlesyndication.com cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com tpc.googlesyndication.com	95 KB
21	serverbid.com 4 redirects e.serverbid.com sync.serverbid.com	6 KB
20	redintelligence.net 2 redirects hal9000.redintelligence.net hal900021.redintelligence.net hal900027.redintelligence.net hal900017.redintelligence.net	276 KB
18	amazon-adsystem.com 9 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	9 KB
16	yahoo.com 10 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	7 KB
16	media.net contextual.media.net lg3.media.net prebid.media.net	207 KB
12	adsrvr.org 2 redirects match.adsrvr.org	4 KB
10	lijit.com 2 redirects ap.lijit.com	4 KB
9	advertising.com 9 redirects pixel.advertising.com	3 KB
8	indexww.com js-sec.indexww.com	8 KB
7	everesttech.net 6 redirects sync-tm.everesttech.net	2 KB
7	simpli.fi 4 redirects um.simpli.fi	3 KB
7	gstatic.com fonts.gstatic.com	95 KB
6	cloudflare.com cdnjs.cloudflare.com	50 KB
6	bttrack.com bttrack.com	2 KB
6	googletagservices.com www.googletagservices.com	209 KB
6	cookiepro.com cookie-cdn.cookiepro.com	101 KB
6	urbandictionary.com 1 redirects urbandictionary.com www.urbandictionary.com api.urbandictionary.com	30 KB
5	adition.com imagesrv.adition.com ad13.adfarm1.adition.com	37 KB
5	bidswitch.net x.bidswitch.net	1 KB
5	1rx.io tag.1rx.io	895 B
5	sharethrough.com btlr.sharethrough.com	5 KB
5	fastly.net clarium.global.ssl.fastly.net	179 KB
5	udimg.com g.udimg.com click.udimg.com	201 KB
4	openx.net gift-connect-d.openx.net	417 B
4	clarium.io protected-by.clarium.io	1 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net bcp.crwdcntrl.net id.crwdcntrl.net	2 KB
4	zemanta.com 4 redirects b1sync.zemanta.com	1 KB
4	bing.com c.bing.com	1 KB
4	linkedin.com px.ads.linkedin.com	2 KB
4	mrtnsvr.com 4 redirects ad.mrtnsvr.com	715 B
4	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	17 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com cms.quantserve.com	11 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	medialead.de 3 redirects pv.medialead.de medialead.de	2 KB
3	w55c.net 3 redirects pm.w55c.net	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	google.com adservice.google.com www.google.com	2 KB
3	liadm.com 1 redirects rp.liadm.com rp4.liadm.com idx.liadm.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	webgains.com track.webgains.com	2 KB
2	creativecdn.com 2 redirects us.creativecdn.com	761 B
2	realestate.com.au 1 redirects sasinator.realestate.com.au	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1004 B
2	rlcdn.com id.rlcdn.com api.rlcdn.com	334 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	880 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	899 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	giphy.com media.giphy.com	27 KB
2	btloader.com btloader.com api.btloader.com	5 KB
2	onetrust.com geolocation.onetrust.com	622 B
2	jsdelivr.net cdn.jsdelivr.net	201 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com	521 B
1	awin1.com www.awin1.com	702 B
1	ad-server.eu ad-server.eu	312 B
1	media01.eu pb.media01.eu	630 B
1	contentspread.net cdn.contentspread.net	1 KB
1	adentifi.com rtb.adentifi.com	88 B
1	ipredictive.com 1 redirects sync.ipredictive.com	462 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	284 B
1	dotomi.com triplelift-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	412 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	637 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	stickyadstv.com ads.stickyadstv.com	727 B
1	ad4m.at ad4m.at
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	378 B
1	demdex.net dpm.demdex.net
1	akamaihd.net res-a.akamaihd.net	17 KB
1	ad-delivery.net ad-delivery.net	936 B
1	thrtle.com thrtle.com
1	britepool.com 1 redirects px.britepool.com api.britepool.com Failed	650 B
1	quantcount.com rules.quantcount.com	565 B
1	videoplayerhub.com 1 redirects urbandictionary-com.videoplayerhub.com	551 B
1	google-analytics.com www.google-analytics.com	20 KB
1	maxcdn.com twemoji.maxcdn.com	5 KB
1	cookielaw.org cdn.cookielaw.org	6 KB
0	hgrtb.com Failed sync.hgrtb.com Failed
535	89

	Domain	Requested by
60	eb2.3lift.com	9 redirects ads.pubmatic.com eb2.3lift.com www.urbandictionary.com ib.3lift.com
43	cm.g.doubleclick.net	29 redirects eb2.3lift.com googleads.g.doubleclick.net cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
39	s1.adform.net	clarium.global.ssl.fastly.net track.adform.net s1.adform.net www.urbandictionary.com
27	ib.adnxs.com	8 redirects ads.pubmatic.com acdn.adnxs.com ssum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net
18	track.adform.net	clarium.global.ssl.fastly.net ib.3lift.com s1.adform.net hal900021.redintelligence.net hal900027.redintelligence.net
17	e.serverbid.com	ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
16	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
16	sync.mathtag.com	4 redirects tags.mathtag.com sync.mathtag.com www.urbandictionary.com
16	ssum-sec.casalemedia.com	8 redirects js-sec.indexww.com ssum-sec.casalemedia.com
16	s.amazon-adsystem.com	8 redirects eb2.3lift.com ssum-sec.casalemedia.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.urbandictionary.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	ib.3lift.com	clarium.global.ssl.fastly.net ib.3lift.com www.urbandictionary.com
12	match.adsrvr.org	2 redirects eb2.3lift.com ssum-sec.casalemedia.com ads.pubmatic.com
10	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
10	ap.lijit.com	2 redirects ads.pubmatic.com
9	pixel.advertising.com	9 redirects
9	t.pubmatic.com	ads.pubmatic.com
9	tlx.3lift.com	ads.pubmatic.com www.urbandictionary.com
8	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
8	contextual.media.net	www.urbandictionary.com contextual.media.net ads.pubmatic.com
7	sync-tm.everesttech.net	6 redirects ssum-sec.casalemedia.com
7	um.simpli.fi	4 redirects ads.pubmatic.com ssum-sec.casalemedia.com
7	fonts.gstatic.com	fonts.googleapis.com
6	cdnjs.cloudflare.com	s1.adform.net
6	hal9000.redintelligence.net	www.urbandictionary.com cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com hal900017.redintelligence.net
6	bttrack.com	ssum-sec.casalemedia.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com eb2.3lift.com
6	c1.adform.net	3 redirects ads.pubmatic.com ssum-sec.casalemedia.com eb2.3lift.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	pr-bh.ybp.yahoo.com	5 redirects ssum-sec.casalemedia.com
6	prebid.media.net	contextual.media.net ads.pubmatic.com
6	www.googletagservices.com	www.urbandictionary.com clarium.global.ssl.fastly.net cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
6	ads.pubmatic.com	www.urbandictionary.com ads.pubmatic.com
6	cookie-cdn.cookiepro.com	www.urbandictionary.com cookie-cdn.cookiepro.com
5	hal900027.redintelligence.net	1 redirects www.urbandictionary.com hal900027.redintelligence.net
5	hal900021.redintelligence.net	1 redirects www.urbandictionary.com hal900021.redintelligence.net
5	ups.analytics.yahoo.com	5 redirects
5	x.bidswitch.net	eb2.3lift.com
5	acdn.adnxs.com	ads.pubmatic.com
5	htlb.casalemedia.com	ads.pubmatic.com
5	tag.1rx.io	ads.pubmatic.com
5	fastlane.rubiconproject.com	ads.pubmatic.com
5	c2shb.ssp.yahoo.com	ads.pubmatic.com
5	hbopenbid.pubmatic.com	ads.pubmatic.com
5	btlr.sharethrough.com	ads.pubmatic.com
5	clarium.global.ssl.fastly.net	www.urbandictionary.com
4	hal900017.redintelligence.net	hal9000.redintelligence.net hal900017.redintelligence.net
4	tags.mathtag.com	ib.3lift.com tags.mathtag.com
4	secure-assets.rubiconproject.com	4 redirects
4	gift-connect-d.openx.net	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4	pixel.rubiconproject.com
4	protected-by.clarium.io	www.urbandictionary.com
4	b1sync.zemanta.com	4 redirects
4	c.bing.com	eb2.3lift.com
4	px.ads.linkedin.com	eb2.3lift.com
4	ad.mrtnsvr.com	4 redirects
4	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	ads.pubmatic.com
4	sync.serverbid.com	4 redirects
4	api.urbandictionary.com	cdn.jsdelivr.net www.urbandictionary.com
4	g.udimg.com	www.urbandictionary.com
3	imagesrv.adition.com	s1.adform.net www.urbandictionary.com
3	pm.w55c.net	3 redirects
3	token.rubiconproject.com	3 redirects
3	pixel.onaudience.com	3 redirects
3	image2.pubmatic.com	ads.pubmatic.com
3	sb.scorecardresearch.com	1 redirects www.urbandictionary.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	www.urbandictionary.com cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	ad13.adfarm1.adition.com	s1.adform.net ad13.adfarm1.adition.com
2	us.creativecdn.com	2 redirects
2	sasinator.realestate.com.au	1 redirects eb2.3lift.com
2	aax-eu.amazon-adsystem.com	1 redirects eb2.3lift.com
2	cms.quantserve.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	googleads.g.doubleclick.net	cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com www.urbandictionary.com
2	pixel.mathtag.com	tags.mathtag.com
2	sync.srv.stackadapt.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	sync.crwdcntrl.net	2 redirects
2	d5p.de17a.com	2 redirects
2	cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com	securepubads.g.doubleclick.net clarium.global.ssl.fastly.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	mug.criteo.com	www.urbandictionary.com
2	gum.criteo.com	1 redirects
2	media.giphy.com	www.urbandictionary.com
2	lg3.media.net	www.urbandictionary.com contextual.media.net
2	geolocation.onetrust.com	cdn.cookielaw.org cookie-cdn.cookiepro.com
2	cdn.jsdelivr.net	www.urbandictionary.com
2	fonts.googleapis.com	www.urbandictionary.com hal900017.redintelligence.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	analytics.webgains.io	track.webgains.com
1	ads.travelaudience.com	1 redirects
1	www.awin1.com	cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
1	ad-server.eu	cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	pb.media01.eu	hal900017.redintelligence.net
1	cdn.contentspread.net	hal900021.redintelligence.net
1	pixel-us-east.rubiconproject.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	rtb.adentifi.com	eb2.3lift.com
1	sync.ipredictive.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	triplelift-match.dotomi.com	eb2.3lift.com
1	ad.turn.com	1 redirects
1	id.crwdcntrl.net	ads.pubmatic.com
1	idx.liadm.com	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	www.google.com	tpc.googlesyndication.com
1	id.rlcdn.com
1	ums.acuityplatform.com	1 redirects
1	bcp.crwdcntrl.net	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	a5261.casalemedia.com	clarium.global.ssl.fastly.net
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	res-a.akamaihd.net	www.urbandictionary.com
1	api.btloader.com	urbandictionary-com.videoplayerhub.com
1	ad-delivery.net	www.urbandictionary.com
1	ad.doubleclick.net	www.urbandictionary.com
1	thrtle.com	www.urbandictionary.com
1	px.britepool.com	1 redirects
1	rp4.liadm.com	www.urbandictionary.com
1	rp.liadm.com	1 redirects
1	pixel.quantserve.com	www.urbandictionary.com
1	rules.quantcount.com	secure.quantserve.com
1	click.udimg.com	www.urbandictionary.com
1	btloader.com	www.urbandictionary.com
1	urbandictionary-com.videoplayerhub.com	1 redirects
1	secure.quantserve.com	www.urbandictionary.com
1	www.google-analytics.com	www.urbandictionary.com
1	twemoji.maxcdn.com	www.urbandictionary.com
1	cdn.cookielaw.org	www.urbandictionary.com
1	www.urbandictionary.com
1	urbandictionary.com	1 redirects
0	sync.hgrtb.com Failed	eb2.3lift.com
0	api.britepool.com Failed	ads.pubmatic.com
535	143

This site contains links to these domains. Also see Links.

Domain
urbandictionary.store
urbandictionary.blog
www.addthis.com
ads.urbandictionary.com
about.urbandictionary.com
urbandictionary.wufoo.com
help.urbandictionary.com
www.twitter.com
www.facebook.com
eepurl.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.urbandictionary.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
g.udimg.com GTS CA 1D4	`2021-12-22` - `2022-03-22`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
click.udimg.com GTS CA 1D4	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
api.urbandictionary.com GTS CA 1D4	`2021-12-12` - `2022-03-12`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
contentspread.net R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 75 frames:

Primary Page: https://www.urbandictionary.com/
Frame ID: 41FB623A0218CE9CF7EC2176BB9FFCC2
Requests: 143 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HBY45V83&prvid=2033%2C3020%2C2030%2C3018%2C3017%2C3016%2C3015%2C3014%2C238%2C117%2C54%2C99%2C77%2C3012%2C3010%2C184%2C141%2C241%2C188%2C3007%2C102%2C4%2C246%2C203%2C226%2C10000%2C9%2C108%2C208&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=HB-CM
Frame ID: B0321154A09487AF59D89ED91EC5CA4F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV25277.js
Frame ID: 99B55AA688C66CD8F392FE66BFE52757
Requests: 7 HTTP requests in this frame

Frame: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0DA5B792E1AA4E087D37804D22F0E241
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3547E94172283656CA5EE270FFD9E3FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 75BA74167DC75017D9826A138874DF8E
Requests: 3 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Frame ID: 64CB70FF045419A83B264030AFCA4C5B
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Frame ID: D678032946875D6D8E0854D9FC79277F
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Frame ID: 8FBB3F8D28EB2635D82B16DBC38444C6
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Frame ID: 24E524C092A81899960E1601A9CE23AC
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU4TR801&prvid=2034%2C2033%2C193%2C2030%2C273%2C157%2C2027%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3008%2C3007%2C3%2C201%2C4%2C246%2C203%2C126%2C9%2C208%2C171%2C251%2C175%2C132%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C3014%2C76%2C77%2C38%2C182%2C261%2C184%2C262%2C141%2C186%2C188%2C222%2C102%2C301%2C225%2C226%2C106%2C80%2C10000%2C229%2C108%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: AE3CB9C24544A76468D6DD0BBF787502
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC4E64048536060CE2709B038B450BFD
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU4TR801&prvid=2034%2C2033%2C193%2C2030%2C273%2C157%2C2027%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3008%2C3007%2C3%2C201%2C4%2C246%2C203%2C126%2C9%2C208%2C171%2C251%2C175%2C132%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C3014%2C76%2C77%2C38%2C182%2C261%2C184%2C262%2C141%2C186%2C188%2C222%2C102%2C301%2C225%2C226%2C106%2C80%2C10000%2C229%2C108%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 8D7F9D86AE021F0975A63B1E8EC3928C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Frame ID: 67A3049AFAE9B620E20F8EF2E6E1B3B6
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Frame ID: 5ED1CD75167A4DF12CA85AA90A4B59A8
Requests: 5 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Frame ID: 14D5D16ACF4C19C74A680A3A51E6E3B7
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5F4AABE38FD61A31F20EF2AC19DF23DF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 0A731679D20D58983F85E1965AAFADB0
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414399
Frame ID: 7AFFEA03C7B584F9351CC9594B97CF74
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 43E63085F53B0F7BD2E8B612181CFCDB
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414399
Frame ID: 331FD5D12D4515C2BE9CD90537D7E659
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU4TR801&prvid=2034%2C2033%2C193%2C2030%2C273%2C157%2C2027%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3008%2C3007%2C3%2C201%2C4%2C246%2C203%2C126%2C9%2C208%2C171%2C251%2C175%2C132%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C3014%2C76%2C77%2C38%2C182%2C261%2C184%2C262%2C141%2C186%2C188%2C222%2C102%2C301%2C225%2C226%2C106%2C80%2C10000%2C229%2C108%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 824CEBE53B99A19FCFC1D2EE025A1652
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BDAB292C7942951F69B31A7ED2FD14C4
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414399
Frame ID: 91D90646CBB5AAB0400043554C1FBF75
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 68FA16C32EDCCE3AA16AC86CA52762E6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0F68AEF182904603ED41A5E03836F3AB
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU4TR801&prvid=2034%2C2033%2C193%2C2030%2C273%2C157%2C2027%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3008%2C3007%2C3%2C201%2C4%2C246%2C203%2C126%2C9%2C208%2C171%2C251%2C175%2C132%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C3014%2C76%2C77%2C38%2C182%2C261%2C184%2C262%2C141%2C186%2C188%2C222%2C102%2C301%2C225%2C226%2C106%2C80%2C10000%2C229%2C108%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: BB7AD62F5B8E247B99B8ED4D33CEAF5C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B1D05950D35845126CB0D841A38579D5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 312A54A0E0A53178A0667F935BF00CC2
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414399
Frame ID: 00D47F99AC753A87E8D9EFC59FF32C36
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A6A073FFA0A5FFC0D3A41CFA6EC616CA
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 629F828806D7C05E49A467642967E59C
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: E05A6D3A44CE4360341E344092959E65
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Frame ID: D0E4EE957613696954616D1EA52D50FD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 15E8C2E16478ACCF416CCD712DE8935B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B55E7075FCE1F306DCFC12B37E4D9DC9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 772C7F440E7883137380CCDD8FD0A167
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3EBEC841B91A4351152A80CD3A2D9903
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551
Frame ID: 66AC73CC0317AD5BB79F25022B796AB0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341311249734111238
Frame ID: 52B9F0ACD983838866001F222CAA560A
Requests: 1 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Frame ID: 16E974726CA9781C58BBD2A0CBBE6DAC
Requests: 12 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Frame ID: E02B114634F065CC97FF56CB021DA305
Requests: 14 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6OTcweDkw&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZPVGN3ZURrdyIsIndkIjp7Im8iOjI2ODYwMzM2MzEsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Frame ID: BFB216639B3AE4A5515066BF5DA0FB54
Requests: 13 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MjU2eDE0NA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNalUyZURFME5BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMjU2IiwiaCI6IjE0NCJ9LCJ3ciI6Mn0=
Frame ID: D5BFD57359494D833FD1D3F453AE0986
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E7EA78D7AF3568A48FA4476478944FF5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 694BAD92233B877734257AA44849585F
Requests: 2 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 1517E2783B6D51FD0F6554B2C4BFDA57
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 130336F2274B107A3F4BE4EEF06421CA
Requests: 3 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 5DB70E5D992E142A8436AD9358A13D94
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: C19CD09EAE577444F4D0829A9DCA5E6B
Requests: 2 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: E8F2F2B197ABB6A7297AA49736C8E824
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: AC80D8B633D3D53070BEB692716276FB
Requests: 2 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 1851B8DE627979F108BA6BB01137A834
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 10439B3D1E9487146C96A51F891D4758
Requests: 2 HTTP requests in this frame

Frame: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3414C3CC7622EAFF781486CD69E29DC
Requests: 18 HTTP requests in this frame

Frame: data://truncated
Frame ID: 006D78D7A6E2DBC4D4451CBBA792C5E1
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52094793;rtbwp=0.694;rtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1
Frame ID: 9BD18877E117BCFCA3FC543A06ED440B
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=55043
Frame ID: D3C0523D111B62E7F90FF9CC955C4EAD
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: E1DF411BE5C1C0CBF08567D91812C6BF
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjQ2MzMxNzczMzUwMTQ4OTIvOTY5MDAzNS85OTU1OTkzLzYyL2JRcmVaV2xuS2YwaTV3dUhxeU40VE1FeU9GZTVUV1RiVkhyV05FalViNFkvMS82Mi8wLzAvMTczNDk0NS8zMTE3NzgzOTc0LzIxNTU0My8xMDQwODc5LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYyNDYzMzE3NzMzNTAxNDg5Mi96cmgvMC8xMDAxMC80NC85OTkvMjU4LzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY0MDU2ODM4OC8xNjQwNTgwOTg4LzYyLzMwMzAv/004Hrfog4dH1MhjVeIvIXUvZM60&nodeid=2801&group=zrh&auctionid=1624633177335014892&shardkey=1624633177335014892&sid=9955993&cid=9690035&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.133.161
Frame ID: 192135399420ED3F145534751738D9C0
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=60499
Frame ID: 44E15104CB8DF54BF3F3DBC4960C56B9
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: 15E8D7116585C4DF23A6227996A7E418
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3MTcxMTY3MjcyODE2NzkzNS85NjkwMDMzLzk5NTU5OTMvNjIvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTFBBcUlOZzZvdXR0MzZReHBjcEVENC8xLzYyLzAvMC8xNzM0OTQ1LzMxMTc3ODM5NzQvMjE1NTQzLzEwNDA4NzkvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NzE3MTE2NzI3MjgxNjc5MzUvenJoLzAvMTAwMTAvNDQvOTk5LzI1OC8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDA1NjgzODgvMTY0MDU4MDk4OC82Mi8zMDMwLw/PHvuCZ7DJktQDzS9Y2ZVB2UIeJM&nodeid=2801&group=zrh&auctionid=471711672728167935&shardkey=471711672728167935&sid=9955993&cid=9690033&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.136
Frame ID: F67A229E3B3FDCB61DC9A38F73195740
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=59735
Frame ID: 270821D099F565DA2B4174D97D0D0214
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNXqUVt1RY39mE5Nj1HQAo7OMWJepP0hx5i90DbqM8B_FRvN5V70ONzJNtnnGZKhMs-RluAdm1YU7KiZbGRb3oFRADVOPSDRsqz5G_doLgtSA_msVDK970VwrwRyFnxfj8OHzeZs0-6qpl5KAAnn5S9ShNe8QzCB9SL3mL7E8mZFF-xpDmA
Frame ID: F4A0BA4CEF6EA265E4CAC4D9CFBB01D4
Requests: 5 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
Frame ID: 886D04F96720C85AB5C085A7EFA2D590
Requests: 12 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: F4D492F8EB7CD67EA49ABE19D574811F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 208E954B207B0D9C1A4CF4F9F8EF21A9
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47735300012161100710592011821017&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 9EC7A69353B14F0E824CF22BF230DE12
Requests: 1 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Frame ID: 501F3F141515B724D2429AA05ED6B2F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02C1DD0CE2993572565D738592818480
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10664486/10664486.js?ADFassetID=10664486&bv=258
Frame ID: B91D2F9A4BBA916F30CCB6F29C193372
Requests: 18 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
Frame ID: E41CE210C08DE75093BA6E5E8DB867DB
Requests: 11 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: 0D4C30C05045D693A2589E5784813540
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10664485/10664485.js?ADFassetID=10664485&bv=258
Frame ID: FF48AF265922E217BF425D1DA172CC2A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Urban Dictionary, December 27: Green FlagBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://urbandictionary.com/ HTTP 301
https://www.urbandictionary.com/ Page URL

Detected technologies

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/d3(?:\. v\d+)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

535
Requests

80 %
HTTPS

25 %
IPv6

89
Domains

143
Subdomains

106
IPs

12
Countries

3246 kB
Transfer

8113 kB
Size

119
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://urbandictionary.store/
Title: Store

Search URL Search Domain Scan URL

URL: https://urbandictionary.blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+Green+Flag&url=http%3A%2F%2Fgreen-flag.urbanup.com%2F15760185&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=15760185&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a Green Flag mug for your daughter Sarah.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+j-line&url=http%3A%2F%2Fj-line.urbanup.com%2F2090762&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+j-line&url=http%3A%2F%2Fj-line.urbanup.com%2F2090762&v=300&winname=addthis

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=2090762&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a j-line mug for your brother-in-law Bob.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+Elf-Esteem&url=http%3A%2F%2Felf-esteem.urbanup.com%2F4429605&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=4429605&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a Elf-Esteem mug for your cat James.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+holiday+pants&url=http%3A%2F%2Fholiday-pants.urbanup.com%2F3513929&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=3513929&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a holiday pants mug for your father-in-law Georges.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+ta+ta+for+now&url=http%3A%2F%2Fta-ta-for-now.urbanup.com%2F2162685&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=2162685&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a ta ta for now mug for your grandma Rihanna.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+cad&url=http%3A%2F%2Fcad.urbanup.com%2F3379384&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+cad&url=http%3A%2F%2Fcad.urbanup.com%2F3379384&v=300&winname=addthis&s=facebook

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+cad&url=http%3A%2F%2Fcad.urbanup.com%2F3379384&v=300&winname=addthis

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=3379384&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a cad mug for your mate Günter.

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?lng=en-US&pub=ra-50dc926d011f6845&source=tbx-300&title=Urban+Dictionary%3A+Dallas+threesome&url=http%3A%2F%2Fdallas-threesome.urbanup.com%2F15845993&v=300&winname=addthis&s=twitter

Search URL Search Domain Scan URL

URL: https://urbandictionary.store/products/mug?defid=15845993&utm_campaign=onpage&utm_medium=web&utm_source=home
Title: Get a Dallas threesome mug for your buddy Georges.

Search URL Search Domain Scan URL

URL: http://ads.urbandictionary.com/
Title: advertise

Search URL Search Domain Scan URL

URL: http://about.urbandictionary.com/tos
Title: terms of service

Search URL Search Domain Scan URL

URL: http://about.urbandictionary.com/privacy
Title: privacy

Search URL Search Domain Scan URL

URL: http://about.urbandictionary.com/dmca
Title: dmca

Search URL Search Domain Scan URL

URL: https://urbandictionary.wufoo.com/forms/bug-report-form/
Title: bug report

Search URL Search Domain Scan URL

URL: http://help.urbandictionary.com/
Title: help

Search URL Search Domain Scan URL

URL: https://urbandictionary.wufoo.com/forms/data-subject-request-form/
Title: data subject request

Search URL Search Domain Scan URL

URL: http://www.twitter.com/urbandictionary
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/urbandictionary
Title: Facebook

Search URL Search Domain Scan URL

URL: https://eepurl.com/UXBEb
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://urbandictionary.com/ HTTP 301
https://www.urbandictionary.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://urbandictionary-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=urbandictionary-com&upapi=true

Request Chain 35

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.urbandictionary.com%2F&domain=www.urbandictionary.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=K0ZJZXxJTDNRWUpJeXN2K2VmWGlsd2RvODZCM3QvVitJUGJaZERNek9aVWRKZ0pwYUcyNlBxWWpSWUY2ZXlxNXZhZ3VsWnM4NUVnMnJjbXRadkZ3NHhHRVZZUk95WmhHZktVUVRKWVNrdHhxN1E4MW8vaElTSUdMNjFtbWpzemtaSDhCVGZKaHBDOWxxbnVLb1EyR1FZdmVsRGdZTVlDdHk0Zm9zNFhkSC9xSk9OYzQ2QkdWMHBQdkwwekFiT1dmcVpmVmlyUmlxbFRkaXBLTG5EdTBNeTM3L0ptT2FKVVF1SncxQVRaQ1BqRjFOcENNcnluOVRaUDA4UFp5NlByY3o0c3lnfA&cppv=2

Request Chain 36

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678 HTTP 302
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true

Request Chain 38

https://px.britepool.com/new?partner_id=t HTTP 302
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9=

Request Chain 122

https://sync.serverbid.com/ss/1032790.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Request Chain 125

https://sync.serverbid.com/ss/1032790.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Request Chain 130

https://sync.serverbid.com/ss/1032790.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Request Chain 131

https://sync.serverbid.com/ss/1032790.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Request Chain 133

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 138

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 147

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 148

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 153

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 155

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Request Chain 157

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZvDTrW5E2oQvN7rIKkfzoi0mkZWtYTFrkczKMuba5Q--~A&dongle=0883

Request Chain 160

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

Request Chain 161

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 163

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=n79tskhfp&dongle=u6nf

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 165

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-GkSpDqFE2oTa_I7Cnw1TsTcQIfzARCYvYTu93G7p4w--~A&dongle=0883

Request Chain 170

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

Request Chain 171

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 173

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=c79tbChfp&dongle=u6nf

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 175

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Request Chain 177

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-qSfg3xVE2oT8.82Ju0sNm8CxGwa55TIPTJPC9OBzDQ--~A&dongle=0883

Request Chain 180

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

Request Chain 181

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 183

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 185

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Request Chain 187

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QgTDjGpE2oRG1krIPA10ruws3c6d4v7H9kLIVHIJgQ--~A&dongle=0883

Request Chain 190

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

Request Chain 191

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 192

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 193

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 194

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 195

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 197

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 198

https://c1.adform.net/serving/cookie/match?party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551

Request Chain 199

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341311249734111238

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NQt0W8euRJeTe5y9ItiVUQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 201

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=386961c9-1645-4600-ab5d-b8456addc617

Request Chain 202

https://pixel.onaudience.com/?partner=214&mapped=350B745B-C7AE-4497-937B-9CBD22D89551 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=61a777059d243ce2766c4babc72e3e5a HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=456b261a-6772-44d4-bdfe-6385b9439d94&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=2e600e5c7dd14c06 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd2cfabf9b2&zcluid=2e600e5c7dd14c06&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEATY3WWfujy4hurJAb_egF8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd2cfabf9b2&zcluid=2e600e5c7dd14c06&zdid=1332

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzUwQjc0NUItQzdBRS00NDk3LTkzN0ItOUNCRDIyRDg5NTUx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3iksR9QnR7BWWBqUCQTeY&google_cver=1

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d07061c9-1645-4a00-b232-e2ae32532fe8&gdpr=0&gdpr_consent=

Request Chain 207

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5955457939755122757

Request Chain 235

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Request Chain 236

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

Request Chain 240

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2446002a-8032-4cdb-9d07-bed53b35ef2b&expiration=1672104389

Request Chain 241

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0gKDTYIsQiN1-P65igAj_rnVm6Y

Request Chain 244

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

Request Chain 246

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Request Chain 247

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAAAaVcOQAF

Request Chain 248

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 253

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Request Chain 254

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

Request Chain 257

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-53467a0e-216e-4b45-b675-5039ca23607d

Request Chain 258

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 262

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

Request Chain 264

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Request Chain 265

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=634835032505

Request Chain 267

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAA749dnQAF HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YckWRQAA749dnQAF&gdpr=1&_test=YckWRQAA749dnQAF

Request Chain 284

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZiZjhmNGIzOTFhNDJhZmM5MjNiODlhZWM2ZjRjODlkMTYyMjM0ZA&us_privacy=1---

Request Chain 285

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPMDI2RDItMTUtM0FVWQ==&us_privacy=1---

Request Chain 286

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YckWRQAA63nFtQBK HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YckWRQAA63nFtQBK&us_privacy=1---&_test=YckWRQAA63nFtQBK

Request Chain 288

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d07061c9-1645-4a00-b232-e2ae32532fe8&expires=28

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBpCFpYDp6qXuwnnb8igAt0&google_cver=1

Request Chain 291

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/sOwAma3S4mQ372q2Ib0MbMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=817498629427485841

Request Chain 299

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 300

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

Request Chain 301

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

Request Chain 302

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

Request Chain 304

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

Request Chain 305

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

Request Chain 306

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

Request Chain 309

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 311

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

Request Chain 312

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

Request Chain 313

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

Request Chain 316

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 317

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

Request Chain 318

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

Request Chain 319

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

Request Chain 322

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 363

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=7962868175624140480&dongle=d407

Request Chain 366

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=d07061c9-1645-4a00-b232-e2ae32532fe8&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 367

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3657&xuid=YckWRQAA749dnQAF&dongle=3c0a&gdpr=1&gdpr_consent=

Request Chain 368

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 385

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 386

https://eb2.3lift.com/ebda?sync=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=

Request Chain 387

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AAJ9cE7Dki0AAEGbwiCDSw&dongle=bzwx

Request Chain 390

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

Request Chain 392

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=4046931d-97d2-47b7-83b5-8b82791855f9&dongle=31ac

Request Chain 393

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2319&xuid=0-d202834d-822c-4223-75f8-feb98a0023fe$ip$185.213.155.166&dongle=4430

Request Chain 394

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3702&xuid=04edea56-66b4-11ec-b373-216702a4ec2c&dongle=d54f&gdpr=1&gdpr_consent=

Request Chain 396

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=F0773C369512422CA412DB672A018B81&dongle=yf3

Request Chain 397

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=4z0b0-Q6TNn4NBrf5DtVjLNtQNn4PEzf4jSzfPUc

Request Chain 398

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=6019&xuid=oF0iMr0b1N1EMu5&dongle=465e&gdpr=1&gdpr_consent=

Request Chain 399

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

Request Chain 401

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=9634054160953369579 HTTP 302
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=9634054160953369579

Request Chain 403

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://eb2.3lift.com/xuid?mid=6547&xuid=kbsWX51QyvTzy9vu2Kyx&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1

Request Chain 408

https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=3330225055849&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=3330225055849&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 410

https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=6905593376757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=6905593376757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 424

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1

Request Chain 425

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YckWRZwlS.tA.TVA2RnE-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&google_hm=2

Request Chain 426

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBOZEax9Us_Ok55V-SAGPpg&google_cver=1

Request Chain 427

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1MTA5NTUxMzAwNTYyMTgxOQ%3D%3D

Request Chain 447

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47735300012161100710592011821017&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 450

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 459

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKGs5AB7imcjzQFK7UNMqD8&google_cver=1&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPBY6cuGeE_8ccxKL3sIQZMEJOpPTlsaJg8U9nhIJBpFe HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPBY6cuGeE_8ccxKL3sIQZMEJOpPTlsaJg8U9nhIJBpFe&google_hm=DDp7RXKT_d7iFq9ZE86TKg

Request Chain 460

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cver=1&google_push=AYg5qPL0pSzjj8qjkmL8Z-U-QbarWs7koono4xgmKkIj-q4QGnZjG7Uy-KR8OGQplNJLpXNWCFuE5Ye9se0k7yzpWIqLavxm8WS2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0YwaU1yMGIxTjFFTXU1&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cver=1&google_push=AYg5qPL0pSzjj8qjkmL8Z-U-QbarWs7koono4xgmKkIj-q4QGnZjG7Uy-KR8OGQplNJLpXNWCFuE5Ye9se0k7yzpWIqLavxm8WS2

Request Chain 461

https://um.simpli.fi/gp_match?google_gid=CAESEKBxoBdRXPG4h5q6SJrg_oI&google_cver=1&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuMgjw8ft5b_j1gW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F0773C369512422CA412DB672A018B81&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuMgjw8ft5b_j1gW

Request Chain 462

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGOq8GlSEC6FJNSsRzKelmA&google_cver=1&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe5OAyYZVQLOOF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOUJlC4QQNu2eYNuEt1J2Q2&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe5OAyYZVQLOOF

Request Chain 463

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIfTMwEsUmAYOzDWaH38ssk&google_cver=1&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIfTMwEsUmAYOzDWaH38ssk&google_cver=1&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d&google_hm=93256ffb12fdf780af6aa9cd

Request Chain 464

https://onetag-sys.com/sync/i,19/?google_gid=CAESENpoePLpgN5by0it2xl7NdU&google_cver=1&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q

Request Chain 465

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBC5bVmaLKDZylbR2aXGrrQ&google_cver=1&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKjZoHqoAhihnc_p-SHVmpKfjBht7UN5I2XfW_w HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBC5bVmaLKDZylbR2aXGrrQ&google_cver=1&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKjZoHqoAhihnc_p-SHVmpKfjBht7UN5I2XfW_w&apid=UP0471dc94-66b4-11ec-a82d-0203314ef094 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNDcxZGM5NC02NmI0LTExZWMtYTgyZC0wMjAzMzE0ZWYwOTQ%3D&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKjZoHqoAhihnc_p-SHVmpKfjBht7UN5I2XfW_w

535 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.urbandictionary.com/
Redirect Chain

http://urbandictionary.com/
https://www.urbandictionary.com/

113 KB
28 KB

147ms
116ms

Document
text/html

2a04:4e42:200::425
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::425 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b7334ff3a363a292147229f5de0a7068842a9eb81b47514c820492772824bef7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
cache-control: private
accept-ranges: bytes
date: Mon, 27 Dec 2021 01:26:27 GMT
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1640568387.050469,VS0,VE110
vary: Accept-Encoding,Fastly-SSL

Redirect headers

Server: Varnish
Retry-After: 0
Content-Length: 0
Location: https://www.urbandictionary.com/
Accept-Ranges: bytes
Date: Mon, 27 Dec 2021 01:26:27 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-hhn4033-HHN
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1640568387.013367,VS0,VE0

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 137ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d421db3f1a99d2dcc188359dc347da043170c8f56f899e97f76fa0a2fa37feb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 00:47:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 01:26:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 01:26:27 GMT

GET
H2 200 application-384077c43dddcfdb3603b90d581812b40859fe7e69bcdd46e147fb30111cb048.css
g.udimg.com/assets/ 299 KB
38 KB 63ms
18ms Stylesheet
text/css 34.107.179.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.udimg.com/assets/application-384077c43dddcfdb3603b90d581812b40859fe7e69bcdd46e147fb30111cb048.css
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.179.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.179.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 384077c43dddcfdb3603b90d581812b40859fe7e69bcdd46e147fb30111cb048

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 12:14:39 GMT
content-encoding: gzip
age: 2034708
x-guploader-uploadid: ADPycdsDkNcAT85rt71IQ0G6ln22URvDvBw7soBHMMpsgLBnO0a38hH9uAnO_CPP0waC4Q9bdNHTEpNphOM42WibKv14kvgD-g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 38166
last-modified: Tue, 21 Sep 2021 21:47:36 GMT
server: UploadServer
etag: "e54b139e4e41473088c3127b73c8a618"
vary: Accept-Encoding
x-goog-hash: crc32c=biQ7Tw==, md5=5UsTnk5BRzCIwxJ7c8imGA==
x-goog-generation: 1632260856923396
cache-control: public, max-age=31557600
x-goog-stored-content-length: 38166
accept-ranges: bytes
content-type: text/css
expires: Sat, 03 Dec 2022 12:14:39 GMT

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 19 KB
7 KB 45ms
19ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 1154
x-ms-lease-status: unlocked
last-modified: Thu, 09 Dec 2021 02:49:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9dc7effa-e01e-00b3-529c-f298e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c40ef0d6d9-FRA
expires: Mon, 27 Dec 2021 05:26:27 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 36ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kdqkvU4KECv4erbHaj7Yfg==
age: 1156
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 21 Dec 2021 17:26:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36d2f147-001e-011d-1395-f64759000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c40f788bee-FRA

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 264 KB
87 KB 76ms
47ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUU53W3Y

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6a692561d1c4b19376746bfa12edbc335b222f0e0af8556df547302d6f5a2822

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-mnt-h: 10-2
content-encoding: gzip
server: Apache
etag: "1e6eb4d1281d98732a2bfc41b9f2f84c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Mon, 27 Dec 2021 01:26:27 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-18
expires: Mon, 27 Dec 2021 01:31:27 GMT

GET
H2 200 mug-ad-02@2x-203a6d58f606a50f84d9e7509720bf42116be9c4c967e8a5d8a9e4316545f043.png
g.udimg.com/assets/ 14 KB
14 KB 46ms
44ms Image
image/png 34.107.179.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.udimg.com/assets/mug-ad-02@2x-203a6d58f606a50f84d9e7509720bf42116be9c4c967e8a5d8a9e4316545f043.png
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.179.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.179.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 203a6d58f606a50f84d9e7509720bf42116be9c4c967e8a5d8a9e4316545f043

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 12:14:39 GMT
age: 2034708
x-guploader-uploadid: ADPycdtgEZU3fx-31fFkE5bxXv-KfKB6QwpYtTt7pB8CUxMT0iOmuaz5GykyK7W20twQpZtusqcz0H_VoSMbYnovu3I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 14501
last-modified: Thu, 04 Jun 2020 01:57:09 GMT
server: UploadServer
etag: "111c585b547f3b708f9685a667016c56"
x-goog-hash: crc32c=AQ1LFA==, md5=ERxYW1R/O3CPloWmZwFsVg==
x-goog-generation: 1591235829267136
cache-control: public, max-age=31557600
x-goog-stored-content-length: 14501
accept-ranges: bytes
content-type: image/png
expires: Sat, 03 Dec 2022 12:14:39 GMT

GET
H2 200 d3.min.js Show response
cdn.jsdelivr.net/combine/npm/jquery@2.2.4,npm/autocomplete.js@0.28.1/dist/autocomplete.jquery.min.js,npm/qtip2@3.0.3,npm/nprogress@0.1.6,npm/slick-carousel@1.4.0,npm/selectize@0.12.2/dist/js/standa... 565 KB
175 KB 49ms
33ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/jquery@2.2.4,npm/autocomplete.js@0.28.1/dist/autocomplete.jquery.min.js,npm/qtip2@3.0.3,npm/nprogress@0.1.6,npm/slick-carousel@1.4.0,npm/selectize@0.12.2/dist/js/standalone/selectize.min.js,npm/c3@0.4.11,npm/d3@3.5.6/d3.min.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d1549700c6a6582ea11b81f65462c69d4314a161962264e1ac81dcacf8e221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5373560
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19139-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"8d2ed-fmrcarYdFh1IjhJuAOb60hDO83A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3ec2c479a5175e-FRA

GET
H2 200 twemoji.min.js Show response
twemoji.maxcdn.com/2/ 17 KB
5 KB 25ms
6ms Script
application/javascript 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://twemoji.maxcdn.com/2/twemoji.min.js
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0e0e5259e3ff8ea805e0c5660c6336f7f46b14332e3cafb82939e1db3da8b6f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 3350aaa2c8d99b77f56a872576547f806c8b746e
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
x-cache: HIT
powered-by: MaxCDN
last-modified: Tue, 01 Jun 2021 07:52:51 GMT
server: NetDNA-cache/2.2
x-github-request-id: 6274:C869:826ECD:862952:61C2265D
etag: W/"60b5e753-4269"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Wed, 26 Jan 2022 01:26:27 GMT

GET
H2 200 application-a03821969dec51515aef904c96b7b22223902779dd85f97251559b15d66fc503.js Show response
g.udimg.com/assets/ 495 KB
145 KB 18ms
15ms Script
application/javascript 34.107.179.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.udimg.com/assets/application-a03821969dec51515aef904c96b7b22223902779dd85f97251559b15d66fc503.js
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.179.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.179.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a03821969dec51515aef904c96b7b22223902779dd85f97251559b15d66fc503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 12:14:39 GMT
content-encoding: gzip
age: 2034708
x-guploader-uploadid: ADPycdvS0i6_6JjWFhHJVC6WznITkM29L1obF435UdS2RiCOnFjXCoRqMamulMOcYZ2T5v9MekhFKjVwbWGn0qZ3LhNRrKK2oQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 147812
last-modified: Thu, 12 Aug 2021 07:30:45 GMT
server: UploadServer
etag: "123c055b32bfd7a3a88a99ec8ea5b82e"
vary: Accept-Encoding
x-goog-hash: crc32c=eF0rUw==, md5=EjwFWzK/16OoipnsjqW4Lg==
x-goog-generation: 1628753445552747
cache-control: public, max-age=31557600
x-goog-stored-content-length: 147812
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 03 Dec 2022 12:14:39 GMT

GET
H2 200 aa85cc80-7b41-47ea-a423-a1cfb833fd55.json Show response
cookie-cdn.cookiepro.com/consent/aa85cc80-7b41-47ea-a423-a1cfb833fd55/ 2 KB
2 KB 36ms
16ms XHR
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/aa85cc80-7b41-47ea-a423-a1cfb833fd55/aa85cc80-7b41-47ea-a423-a1cfb833fd55.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d680c559bfc3623cf68413feff5c1ca69374f1d313def9f674a01869f4d7af25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: q3j1TAWYL56u5QARR3A9Eg==
age: 1678
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 19:47:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3990b899-f01e-004b-5a9b-f2c41e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c4ed2a5be9-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
396 B 43ms
23ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c3ec2c4fceb5c56-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
43ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6693
date: Sun, 26 Dec 2021 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 27 Dec 2021 01:34:54 GMT

GET
H2 200 sp.js Show response
cdn.jsdelivr.net/snowplow/2.6.2/ 73 KB
26 KB 19ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/snowplow/2.6.2/sp.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8ee02bddec67b4e38863e28da563f65c682459773ba2a0800a839bc98755e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5373568
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19175-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"125f4-+cg3Iaww3Bw836o4InOCIAyqOtc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3ec2c4d9de175e-FRA

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 41ms
12ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 03 Jan 2022 01:26:27 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ 117 KB
37 KB 35ms
7ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1872504536553a906534bf7decd822fa902fe07a0133bfbc99ac2b9be6d3f427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:27 GMT
Via: 1.1 varnish
Server: nginx
Age: 110
X-Served-By: cache-hhn4020-HHN
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1640568387.358789,VS0,VE1
Content-Length: 37345
X-Cache-Hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156796/877/ 463 KB
140 KB 47ms
8ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb5490233911727fc6de6b0a4641fda9991756bf842204981f7eb0bbd6179c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 21:52:12 GMT
server: Apache/2.2.15 (CentOS)
etag: "fe0d5a-73d83-5cdca4675babf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=98742
accept-ranges: bytes
content-type: text/javascript
content-length: 142129
expires: Tue, 28 Dec 2021 04:52:09 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://urbandictionary-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=urbandictionary-com&upapi=true

10 KB
5 KB

57ms
19ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=urbandictionary-com&upapi=true
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710237d7476dc2ac8494a9b0530bb2e6822f045dc661eb5364c81de1f996107f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6c3ec2c5e8108b95-FRA
date: Mon, 27 Dec 2021 01:26:27 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2604
etag: W/"27c74ff5f5cae98ac9a11c2f4f67cd5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyKyfNscM7B7UCSvd4Hqhcw7wKlqsYCR21BtAjmiVLlOlyvW8QTeKwAN4rII6B2jDaJ4SzP78pvGgHdlcfLoMFEhZgf2RBWbxsdTiZ6UV%2FQHit4PROkLGKWL8GjNVeCL6Jan8GZXcgwPkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Mon, 27 Dec 2021 01:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfcshgPCVgdAgWvIoihCJYxnigN21tKQlnieFBsCPn9733KXXm9rwLu0E%2Fsd9o2IFIG2URyTd8ym%2Fc1xCp%2BwmALB4R7Cy1sBvVFF7%2FtpYqtCofmUDDDm7bfVRTWLSF1XSVrgCAWXXjGSawijmQh7SiH%2B%2F%2F%2F8jdz5K4dy2j%2Bm0jJmLp7p"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=urbandictionary-com&upapi=true
cache-control: max-age=3600
cf-ray: 6c3ec2c50ba7695e-FRA
expires: Mon, 27 Dec 2021 02:26:27 GMT

GET
H2 200 logo-1b439b7fa6572b659fbef161d8946372f472ef8e7169db1e47d21c91b410b918.svg
g.udimg.com/assets/ 3 KB
3 KB 43ms
43ms Image
image/svg+xml 34.107.179.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.udimg.com/assets/logo-1b439b7fa6572b659fbef161d8946372f472ef8e7169db1e47d21c91b410b918.svg
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.179.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.179.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1b439b7fa6572b659fbef161d8946372f472ef8e7169db1e47d21c91b410b918

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 16:15:41 GMT
age: 205846
x-guploader-uploadid: ADPycduo69Y0Uoo58PNekqci-PZkmXFcy76SZtsnqG-DYat1b5u58QvZ3Nqh7CrMlCmgrrVGiF_SVnkKMAjTk5T3uQI8U2iRFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3076
last-modified: Thu, 04 Jun 2020 01:57:13 GMT
server: UploadServer
etag: "8a4a70f9fcaded342f07628faffbd33b"
x-goog-hash: crc32c=PEw9zQ==, md5=ikpw+fyt7TQvB2KPr/vTOw==
x-goog-generation: 1591235833115358
cache-control: public, max-age=31557600
x-goog-stored-content-length: 3076
accept-ranges: bytes
content-type: image/svg+xml
expires: Sat, 24 Dec 2022 16:15:41 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:06:47 GMT
x-content-type-options: nosniff
age: 472780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:06:47 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 134ms
49ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 383400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 14:56:27 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2
fonts.gstatic.com/s/lora/v20/ 19 KB
19 KB 191ms
106ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v20/0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d9bb5c1067545ab7bc5ec13a1bf70b5e58d858343a06bcef6b6dd74dfa935c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:02:01 GMT
x-content-type-options: nosniff
age: 473066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19124
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:00:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:02:01 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 12 KB
12 KB 165ms
80ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 03:09:21 GMT
x-content-type-options: nosniff
age: 425826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:18:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 03:09:21 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 12 KB
12 KB 174ms
90ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700|Source+Sans+Pro:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243d70f43a15541e81882d53fc506e0d6d7360c7f9f88046ee80db70174bb5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:21:58 GMT
x-content-type-options: nosniff
age: 371069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12628
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 18:21:58 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
226 B 18ms
18ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c3ec2c57d805c56-FRA

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 16ms
7ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&uspenf=2&prid=7PRFT79UO&cid=8CUU53W3Y&crid=327825625&vi=1640568387893781905&ugd=4&lf=6&cc=DE&sc=HE&wsip=2886781335&r=1640568387496&requrl=https%3A%2F%2Fwww.urbandictionary.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1640568387136354907&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p11160540481t202112270126&vgd_pgids=1&vgd_uspa=1&vgd_usps=con&vgd_uspcs=1---&vgd_uspcss=cmp&hvsid=00001640568387492031177838086632&gdpr=1&uspenf=2&vgd_end=1

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 27 Dec 2021 01:26:27 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 27 Dec 2021 01:26:27 GMT

GET
H2 200 i
click.udimg.com/ 35 B
495 B 281ms
231ms Image
image/gif 35.190.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.udimg.com/i?stm=1640568387510&e=pv&url=https%3A%2F%2Fwww.urbandictionary.com%2F&page=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&tv=js-2.6.2&tna=cf&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=aae4122d-278a-4410-b590-0f2e9ea22edf&dtm=1640568387509&vp=1600x1200&ds=1600x4723&vid=1&sid=9c23d488-653d-482a-b796-6ea07512cca3&duid=60125986-da15-4564-b5c6-e0ba5868bab5&fp=401617179&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic3RhY2siOiJzcGFyayJ9XX0
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.23.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.23.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
x-guploader-uploadid: ADPycduhJPQkGnisAVcKQ2p4BkYQuUuZFBKA1CyzoEfOWlGi6c7UiDP9BlO8PqpvqTaY-OG6xo2FKTUh0HvLOnx_IBE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 35
last-modified: Fri, 25 Aug 2017 23:28:10 GMT
server: UploadServer
etag: "28d6814f309ea289f847c69cf91194c6"
x-goog-hash: crc32c=6AobSA==, md5=KNaBTzCeoon4R8ac+RGUxg==
x-goog-generation: 1503703690241581
cache-control: public, max-age=3600
x-goog-stored-content-length: 35
accept-ranges: bytes
content-type: image/gif
expires: Mon, 27 Dec 2021 02:26:27 GMT

GET
H2 200 rules-p-77H27_lnOeCCI.js Show response
rules.quantcount.com/ 130 B
565 B 42ms
11ms Script
application/javascript 2600:9000:211e:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-77H27_lnOeCCI.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e46c0a900716a463eadee0338a05548ced6a084199d066229426d42b9273d263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:03:06 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
age: 1410
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 130
last-modified: Thu, 13 Apr 2017 01:01:47 GMT
server: AmazonS3
etag: "401074ab6d1cf1dca87aa37103d63ec1"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: mAd-wYIbYNPiW3DIgV4XC0VyPh8W8E4d7qwxHkkAoXYydVCuW4Y00w==

GET
H2 200 pixel;r=1395992519;rf=3;a=p-77H27_lnOeCCI;url=https%3A%2F%2Fwww.urbandictionary.com%2F;uht=2;fpan=1;fpa=P0-1198160337-1640568387534;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_pri...
pixel.quantserve.com/ 35 B
372 B 41ms
15ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1395992519;rf=3;a=p-77H27_lnOeCCI;url=https%3A%2F%2Fwww.urbandictionary.com%2F;uht=2;fpan=1;fpa=P0-1198160337-1640568387534;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_privacy=1---;ref=;d=urbandictionary.com;je=0;sr=1600x1200x24;dst=0;et=1640568387533;tzo=0;ogl=description.A%20Green%20Flag%20is%20the%20direct%20opposite%20of%20a%20Red%20Flag%252E%20You%20know%20those%20things%20we%20know%2Ctitle.Urban%20Dictionary%252C%20December%2027%3A%20Green%20Flag%2Csite_name.Urban%20Dictionary

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 79ms
31ms Script
application/javascript 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 04:13:55 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 159972
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 2Rt0e0RB_jntYgtURSLIJe8LM6NYhCnyKatjSbAOzGSXCB0yVor8qg==

GET
H2 200 uncacheable Show response
api.urbandictionary.com/v0/ 374 B
662 B 736ms
328ms XHR
application/json 2a00:1450:4019:80c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.urbandictionary.com/v0/uncacheable?ids=15760185%2C2090762%2C4429605%2C3513929%2C2162685%2C3379384%2C15845993
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@2.2.4,npm/autocomplete.js@0.28.1/dist/autocomplete.jquery.min.js,npm/qtip2@3.0.3,npm/nprogress@0.1.6,npm/slick-carousel@1.4.0,npm/selectize@0.12.2/dist/js/standalone/selectize.min.js,npm/c3@0.4.11,npm/d3@3.5.6/d3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:80c::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1d5f9db72b5578f215d3d6db952260c149fb70fd3dceeaf62cb89dcea9bb0b4f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
x-cloud-trace-context: 0a01082ea8301c9250cf5fdfc9b9289f
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-license: http://api.urbandictionary.com/
content-length: 374

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/ 325 KB
63 KB 36ms
35ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: Faq6ojkjeFBEt00AhvcPjA==
age: 5143165
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f6933ccd-701e-0008-12f9-cb2242000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c68848d6d9-FRA
expires: Mon, 27 Dec 2021 05:26:27 GMT

GET
H2 200 100w_s.gif
media.giphy.com/media/LmWnCBTOGUmw8/ 11 KB
11 KB 92ms
19ms Image
image/gif 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.giphy.com/media/LmWnCBTOGUmw8/100w_s.gif

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c07b5df9ce1c2b83014f44b8607e1e60cf9730a30240fcdaaeada1a63d103ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
via: kong/0.34-1-enterprise-edition, 1.1 varnish, 1.1 varnish
age: 4031792
x-kong-proxy-latency: 1
x-cache: HIT, HIT
x-kong-upstream-latency: 285
cross-origin-resource-policy: cross-origin
content-length: 11411
x-served-by: cache-bwi5154-BWI, cache-hhn4068-HHN
x-timer: S1640568388.718205,VS0,VE1
strict-transport-security: max-age=15465600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 100w.webp
media.giphy.com/media/LmWnCBTOGUmw8/ 16 KB
16 KB 89ms
24ms Image
image/webp 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.giphy.com/media/LmWnCBTOGUmw8/100w.webp

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

955508e747dcd797570bace5a506277a6895660c637947ee4fcf69657b85a816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 2929760
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 15936
x-served-by: cache-bwi5127-BWI, cache-hhn4068-HHN
last-modified: Wed, 24 Jul 2019 05:54:44 GMT
x-timer: S1640568388.718275,VS0,VE1
etag: "b0e4d79e0157e726f12f816f1b2f6b81"
strict-transport-security: max-age=15465600
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 91ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.urbandictionary.com%2F&domain=www.urbandictionary.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.urbandictionary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1368
date: Mon, 27 Dec 2021 01:26:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.urbandictionary.com%2F&domain=www.urbandictionary.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=K0ZJZXxJTDNRWUpJeXN2K2VmWGlsd2RvODZCM3QvVitJUGJaZERNek9aVWRKZ0pwYUcyNlBxWWpSWUY2ZXlxNXZhZ3VsWnM4NUVnMnJjbXRadkZ3NHhHRVZZUk95WmhHZktVUVRKWVNrdHhxN1E4MW8vaElTSUdMNjFtbW...

356 B
622 B

46ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K0ZJZXxJTDNRWUpJeXN2K2VmWGlsd2RvODZCM3QvVitJUGJaZERNek9aVWRKZ0pwYUcyNlBxWWpSWUY2ZXlxNXZhZ3VsWnM4NUVnMnJjbXRadkZ3NHhHRVZZUk95WmhHZktVUVRKWVNrdHhxN1E4MW8vaElTSUdMNjFtbWpzemtaSDhCVGZKaHBDOWxxbnVLb1EyR1FZdmVsRGdZTVlDdHk0Zm9zNFhkSC9xSk9OYzQ2QkdWMHBQdkwwekFiT1dmcVpmVmlyUmlxbFRkaXBLTG5EdTBNeTM3L0ptT2FKVVF1SncxQVRaQ1BqRjFOcENNcnluOVRaUDA4UFp5NlByY3o0c3lnfA&cppv=2

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8554834885c022b9ae43216d18490e5f390a18a1aabac694b38752ded8a92733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2338
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:27 GMT
location: https://mug.criteo.com/sid?cpp=K0ZJZXxJTDNRWUpJeXN2K2VmWGlsd2RvODZCM3QvVitJUGJaZERNek9aVWRKZ0pwYUcyNlBxWWpSWUY2ZXlxNXZhZ3VsWnM4NUVnMnJjbXRadkZ3NHhHRVZZUk95WmhHZktVUVRKWVNrdHhxN1E4MW8vaElTSUdMNjFtbWpzemtaSDhCVGZKaHBDOWxxbnVLb1EyR1FZdmVsRGdZTVlDdHk0Zm9zNFhkSC9xSk9OYzQ2QkdWMHBQdkwwekFiT1dmcVpmVmlyUmlxbFRkaXBLTG5EdTBNeTM3L0ptT2FKVVF1SncxQVRaQ1BqRjFOcENNcnluOVRaUDA4UFp5NlByY3o0c3lnfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3932
content-length: 509
expires: 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true

13 B
569 B

327ms
96ms

XHR
application/json

34.238.14.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Server

34.238.14.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-238-14-155.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
x-pixel-event-id: cdecdce1-8950-4d23-80d0-048689568c42
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: d0de01347698d154

Redirect headers

date: Mon, 27 Dec 2021 01:26:27 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.urbandictionary.com%2F&duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx&se=e30&dtstmp=1640568387678&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.urbandictionary.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 3176ae9c2e3deabd
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 181ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1083 / 285 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Dec 2021 01:26:27 GMT

GET
H2

404

insync
thrtle.com/
Redirect Chain

https://px.britepool.com/new?partner_id=t
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0

0
0

312ms
101ms

Image
text/html

23.20.7.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Server: 23.20.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-7-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Server: nginx
Vary: negotiate,Accept-Encoding
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0
Cache-Control: no-cache, no-store, private
Tcn: Choice
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
X-Request-Id: b74c6f0bbeebda1d63d05ea3cb66b9cc
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 140ms
47ms Image
image/x-icon 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 10:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Dec 2021 10:57:11 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
936 B 79ms
20ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.08671610954487297
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 27 Dec 2021 01:26:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2906
x-guploader-uploadid: ADPycduQXvKmfVZrx1VhfzYfNLT6UUHsqz4AUU_5avNm_yqiJx86d4YbAvjVWf9WfgQvfGeV6YmAmXQUKor8pah9Rg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMo3ZjJ4RI2UxprMYhxt%2FtVWEMX7F25KYXJLpmrHEhjHYr97OR%2BKkCdv276aj%2FE7j0zNPEoqL8L6cld3R%2FejNlDxwKLkKqomt98v%2FdWYuqQjlmQIXsJfH7HZdBW6Y9Dy3qQRvFwOCsjyeUyKAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6c3ec2c7783e68e5-FRA
expires: Mon, 27 Dec 2021 01:20:20 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9=

0
223 B

10ms
10ms

Image
text/plain

13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9=
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: iuRDKfJM9eWKf-OzDVS9xczO929-yJzEcvnYSO5IMzVSFSHyzC3KMg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 27 Dec 2021 01:26:27 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=31506057&ns__t=1640568387699&ns_c=UTF-8&cv=3.5&c8=Urban%20Dictionary%2C%20December%2027%3A%20Green%20Flag&c7=https%3A%2F%2Fwww.urbandictionary.com%2F&c9=
content-length: 219
x-amz-cf-id: YPrjSiBy4gPBuaMhdrNkr8aaA1nmll8LQCKyFw9S8KerobRksSHgYQ==

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/aa85cc80-7b41-47ea-a423-a1cfb833fd55/cfbe3829-1033-42a5-8c7b-38dd74f6cb3d/ 38 KB
8 KB 26ms
26ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/aa85cc80-7b41-47ea-a423-a1cfb833fd55/cfbe3829-1033-42a5-8c7b-38dd74f6cb3d/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b6c25e51389cfe88a8dc892ccfc298f2db8f284613c564717f5e7aa22f0bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: l8bZciD1BiKAUlDaqH5+1w==
age: 1669
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 19:47:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 31c13700-901e-0086-629b-f2f4f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c73ecd5be9-FRA

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 23 KB
4 KB 19ms
18ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: PMy/rO33ZxNqN5zz4lNYEg==
age: 1042
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: df2a0bc0-201e-0093-0306-f6e347000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c76eff5be9-FRA
expires: Mon, 27 Dec 2021 05:26:27 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 100 KB
18 KB 22ms
21ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Dec 2021 01:26:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: khu7UrcWK2GuRVvI036GCQ==
age: 4470566
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: acab7cef-a01e-001b-1c17-d2064e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c3ec2c77f005be9-FRA
expires: Mon, 27 Dec 2021 05:26:27 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 54ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1036
date: Mon, 27 Dec 2021 01:26:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 155ms
116ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=zwCZMjec6&w=5632833957658624&o=5640981779054592&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.urbandictionary.com%2F&upapi=true
Requested by: Host: urbandictionary-com.videoplayerhub.com
URL: https://urbandictionary-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Dec 2021 01:26:27 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 148ms
50ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
737 B 147ms
49ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.urbandictionary.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

148e5dde391de40ea192a2ae2055879603a0d5a9f25b7b176f16693ee1516a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101
x-xss-protection: 0
expires: Mon, 27 Dec 2021 01:26:28 GMT

POST
H2 200 hb-cm Show response
prebid.media.net/rtb/ 632 B
594 B 147ms
109ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/hb-cm?cid=8HBY45V83
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUU53W3Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72f70f5404f95af014f9497b4a34612f37e24f98f7844c3d42392633c116bba9

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 pfcmdynet.js Show response
contextual.media.net/fc/1045354880/ 80 KB
25 KB 147ms
147ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fc/1045354880/pfcmdynet.js?cb=window._mNDetails.initAd&&gdpr=1&uspenf=2&cid=8CUU53W3Y&cpcd=kd3SDNcT0D4O2qOois3E0w%3D%3D&crid=327825625&size=600x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.urbandictionary.com%2F&nse=5&vi=1640568387893781905&lw=1&ugd=4&rtbs=1&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUU53W3Y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6ea55309b41249727d51da7543ae1ccb4c50e883ec85e27d3c1ece612fec9dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-8
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Mon, 27 Dec 2021 01:26:28 GMT
x-mnt-w: 8-32
content-length: 25506
expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B032 22 KB
8 KB 69ms
69ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HBY45V83&prvid=2033%2C3020%2C2030%2C3018%2C3017%2C3016%2C3015%2C3014%2C238%2C117%2C54%2C99%2C77%2C3012%2C3010%2C184%2C141%2C241%2C188%2C3007%2C102%2C4%2C246%2C203%2C226%2C10000%2C9%2C108%2C208&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=HB-CM

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUU53W3Y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

185bd6adbe2e2cdd0934c564853b7903526b51a6fb75ba9443e8956d5392c48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 29 Dec 2021 01:26:28 GMT
date: Mon, 27 Dec 2021 01:26:28 GMT
content-length: 8115

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 10 KB
4 KB 66ms
65ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4TR801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a28d5bb2dfe3df501f9ada7611a9064d9b5dbdf0cec09c465d3409b1aa8af422

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 107ms
72ms XHR
text/plain 35.157.51.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.51.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
993 B 309ms
102ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 124ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
73ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a66ed38c02d8&pos=1031683_ud_ros_728x90_atf_flex_2&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1e5983fa4d2be2eac40981cf1b0df95075835a7755d95449835ad1ab42203544

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 357 B
1 KB 767ms
252ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6317&site_id=126350&zone_id=598142&size_id=2&alt_size_ids=55&eid_pubcid.org=78e57d15-dd1e-46ae-98a1-7869c20eb5ce%5E1&rf=https%3A%2F%2Fwww.urbandictionary.com%2F&tg_i.dfp_ad_unit_code=1031683%2FUD_ROS_728x90_ATF_Flex&tg_i.pbadslot=1031683%2FUD_ROS_728x90_ATF_Flex&tk_flint=pbjs_lite_v4.43.0&x_source.tid=6c8f118e-6561-4d5f-93d4-642b7f154b75&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5031395452727976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1b98066a9186221b5008ac5dda12ea40c2cc1c0362715ebd871ae046b60ebdee

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 357
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/74121/0/ 0
179 B 64ms
20ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74121/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 59ms
22ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b491073-2b2a-44f0-9e01-d9644dd36713
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
754 B 153ms
84ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 00b7b3e4dd39d512a1f08ef786856b720475af62051658af277c0cf357c99b1c

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urbandictionary.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 295ms
271ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.urbandictionary.com%2F&tmax=1551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f8a2a9a8910819e9dd33c9df27097653785db9423adea8d3c55927596292cd73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1354
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
339 B 96ms
65ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=191164&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2221027c2b9f57f13%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urbandictionary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222229dfcd2743fad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191164%22%2C%22sid%22%3A%221%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_728x90_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223c330d7d126496%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191164%22%2C%22sid%22%3A%221%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_728x90_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2fffa17e889bf55d0fd9fcd1dee7ae7044298ed8e7ea69c480ab9a1b1a3c1961

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urbandictionary.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 27 Dec 2021 01:26:28 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 120ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 10 KB
4 KB 58ms
58ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4TR801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1cf39622a056725a42e0541d2dcb6f2975fd1dff4d8fa470d1df908685b86cd1

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 2 KB
3 KB 86ms
60ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=191166&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22295fc14201f8ef8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urbandictionary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230f3a28a5038525%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A192%2C%22h%22%3A256%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231ce59c6c474b13%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A256%2C%22h%22%3A192%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232e8e38daa31bfe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A256%2C%22h%22%3A144%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223366e46c80bc691%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A144%2C%22h%22%3A256%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234fe52cce0aad5a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A256%2C%22h%22%3A256%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22351234436bfa053%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236dd3b02fb192eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191166%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c41393a4ae0832a7169e4f3b80b0dbbd25444141eacd7920f80c59fa093c93f6

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urbandictionary.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2323
x-ak-client-geo: 12
expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 360 B
1 KB 763ms
256ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6317&site_id=126350&zone_id=598142&size_id=15&alt_size_ids=16&eid_pubcid.org=78e57d15-dd1e-46ae-98a1-7869c20eb5ce%5E1&rf=https%3A%2F%2Fwww.urbandictionary.com%2F&tg_i.dfp_ad_unit_code=1031683%2FUD_ROS_300x250_ATF_Flex&tg_i.pbadslot=1031683%2FUD_ROS_300x250_ATF_Flex&tk_flint=pbjs_lite_v4.43.0&x_source.tid=0c8dd280-a08f-4b4a-ad39-e75c3b525afb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4516194040655681
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: acf64df29b2293a9f317def20b93fabecf86f22fd434c082056fc5675f4a5f70

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 360
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 52ms
24ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e5b0c3e8-a97c-4c9b-8ced-51114fa19e23
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
120 B 36ms
16ms XHR
text/plain 35.157.51.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.51.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
753 B 128ms
69ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 49886c0376bcfa5026073ce6314b2ad027338fde567cde729c3427fe2db77a69

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urbandictionary.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
993 B 295ms
103ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 mvo Show response
tag.1rx.io/rmp/74121/0/ 0
179 B 53ms
21ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74121/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 96ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a66ed38c02d8&pos=1031683_ud_ros_300x250_atf_flex&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fa151abc87b7ce7e8425d9e431ac66c27a8be7d71719e76d4cec932f38374819

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 80ms
67ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.urbandictionary.com%2F&tmax=1551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d7d6ba4fd0c5f1f25ce38467a2a231fc0ff5fee0d23dca8f1781d741380e4064

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1333
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 45ms
29ms XHR
text/plain 35.157.51.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.51.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 48ms
20ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d15418b4-3cc7-4b17-a50e-57c37154da60
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
993 B 291ms
103ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1007 B
1 KB 75ms
57ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=198549&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2260ea350318bc9f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urbandictionary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2261f7f1580ed1ce5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22198549%22%2C%22sid%22%3A%224%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_BTF_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bee61bc00e3070d85567df780c08914b861333b11d74f9ae034b7ba2317580d6

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urbandictionary.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1007
x-ak-client-geo: 12
expires: Mon, 27 Dec 2021 01:26:28 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
753 B 124ms
70ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e2ccc9c8ea94440590d3398b6b7e69df145f34787bf9a915e3a9cbf920b108ff

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urbandictionary.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
270 B 70ms
61ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.urbandictionary.com%2F&tmax=1551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 98ms
45ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 10 KB
4 KB 55ms
55ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4TR801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 299a84d4324c9776dcf0b8607389564103aab7b2176e98189bd3c767f0f792f7

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
298 B 84ms
62ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a66ed38c02d8&pos=1031683_ud_ros_300x250_btf_1&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cb5ad41e1a672ce7b05978fea4976dd4bb4f4e74059194f9301365f319015e9b

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
1 KB 759ms
260ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6317&site_id=126350&zone_id=598142&size_id=15&eid_pubcid.org=78e57d15-dd1e-46ae-98a1-7869c20eb5ce%5E1&rf=https%3A%2F%2Fwww.urbandictionary.com%2F&tg_i.dfp_ad_unit_code=1031683%2FUD_ROS_300x250_BTF_1&tg_i.pbadslot=1031683%2FUD_ROS_300x250_BTF_1&tk_flint=pbjs_lite_v4.43.0&x_source.tid=d3e3c1f6-5b96-487e-beca-ee86907e9e79&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3586589780925995
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 29bb4b6b99538e3dcdd0f9ef0b22adee10a953436e86b7cf91f7d836a3d336d3

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 334
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/74121/0/ 0
179 B 46ms
21ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74121/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 88ms
68ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a66ed38c02d8&pos=1031683_ud_ros_300x250_btf_2&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f87bd576fcbe5e9fb3f76384b78da0f241eaa8ee4b5c7b1bf451a19e4995f8fd

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
1 KB 68ms
63ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.urbandictionary.com%2F&tmax=1551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1e6d3d4383e92055d93d26bb2d6006eda8839f57ea54c60b29e2e1ce2e40528e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1187
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
338 B 70ms
57ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=198550&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2281519f251e9623%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urbandictionary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282ee6d12e0b3232%22%2C%22ext%22%3A%7B%22siteID%22%3A%22198550%22%2C%22sid%22%3A%225%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x250_BTF_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f1d6eacc207784c0eca390fb932e65580c75fc1c2d19ae064d219e906cc05315

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urbandictionary.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Mon, 27 Dec 2021 01:26:28 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 10 KB
4 KB 58ms
57ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4TR801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 531d05a912c78d430f454775194e350f60330620c42513073cd84ac700077dc2

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 70ms
23ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0e08e9f6-91ef-46c2-99c9-739a800b30b0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 121ms
73ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
753 B 137ms
73ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: eede9de1fe2b6044d7a53ea6bd804a2e40c249d9f1e3b8a055a1b41baeac64de

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urbandictionary.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 200 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 8 KB
4 KB 74ms
67ms XHR
application/json 35.157.51.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.51.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a1c43f0c5f7b237c1a9bcb74a11600939ca5a8e74ee02dd01ca0a2b2a331d1cf

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
content-encoding: gzip
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 4192

POST
H2 204 mvo Show response
tag.1rx.io/rmp/74121/0/ 0
179 B 39ms
20ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74121/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
1 KB 747ms
254ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6317&site_id=126350&zone_id=598142&size_id=15&eid_pubcid.org=78e57d15-dd1e-46ae-98a1-7869c20eb5ce%5E1&rf=https%3A%2F%2Fwww.urbandictionary.com%2F&tg_i.dfp_ad_unit_code=1031683%2FUD_ROS_300x250_BTF_2&tg_i.pbadslot=1031683%2FUD_ROS_300x250_BTF_2&tk_flint=pbjs_lite_v4.43.0&x_source.tid=76d6a77b-d8d4-4bfc-a6a3-feb71613d309&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3802778689633295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fa168732edfde31e4e17a90abf88fc734967fae274b2422c3944a74df6201c30

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 334
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
993 B 281ms
102ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 nrrV25277.js Show response
contextual.media.net/4a/ Frame 99B5 92 KB
30 KB 37ms
37ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV25277.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUU53W3Y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

086277042a04674a95dc3a57f66046ef70b8bb2337c8f9ef133f27a7540e3e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "c64c7085e3ecb77c60caf49560a1ea67"
vary: Accept-Encoding
x-mnet-h: 10-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Mon, 27 Dec 2021 01:26:28 GMT
content-length: 30278
expires: Mon, 10 Jan 2022 01:26:28 GMT

GET
DATA 200
OK truncated
/ Frame 99B5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7792e1c9ac3133653260cc659a5cf19ffe50f4512e993a506308ee2d3211f858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 99B5 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 99B5 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 99B5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK SourceSansPro-SemiBold.woff
res-a.akamaihd.net/__media__/fonts/SourceSansPro-SemiBold/ Frame 99B5 17 KB
17 KB 63ms
8ms Font
application/font-woff 2.16.186.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/SourceSansPro-SemiBold/SourceSansPro-SemiBold.woff
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d5823f6f8f29021b5700ffaf97edb6e0b929b3bc4ec364c20127498ff23374a1

Request headers

Referer: https://www.urbandictionary.com/
Origin: https://www.urbandictionary.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:28 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-43e8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17384

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 99B5 15 B
216 B 13ms
12ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&uspenf=2&hvsid=00001640568387492031177838086632&geo=50.12|8.68&dlper=50&lper=100&bdrid=7&fp=f1IyYtfjiQqwjOjf1A0iZj5NPiiHOGw-HwdHkpJboFuk84vAO85DaXfdoQCZ1EZqiyf0Xw6wah_cx-ljP21NT_Y_rt-kShQ68KErwcWcho51oO8WOoa5cw4eA8O4P8I3TIa2AKEqAsU%3D&lpid=&tsid=112&q=&prv=&type=&ps=&cme=OIkPwwjWMhD8bISeU2MK15jULFgEBjMXrsFtFtMj9henqp8ti-gs59vRTVbZLeqJfSZ1Ar-Yx88W78f_bXtJZZ95QF930L6tzxJoD_gt-7xCMnniWin5YZuO4M2mgee4L4gTxX2TPEa9MM6glRmNlgQxProQklj8Q15M8GwZQWFKDiC6gcN1-CSbpQ44Qf8oB1a86jfXlhtW0taAGrGl9yvo_n-r7MMW%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaEBpaR24IWVC3uM-Rp2mZE2D80Seo-ZGcxFjW3dtmbx6g%3D%3D%7CN7fu2vKt8_s%3D%7C_0WO1l-j3IR1r3j4QJ4j4XKzTlM7AfPRm7CPz2oWUR2RxGQWi6WxYy910L-WGwC9pqHF7X9VM9txEWu2xynWh9KyDC4rcW4BKqBN7F5H_FV-T5q9fVJRftvWER_WqnadLue2aQEl-Qw5J_sYC8ilwrUs3j8Us0YaFTmvIeU_kyrNVhNUq83L80jpizkznGXfrB7q-51Q4yVqf-Y6rvztaIe2gsNl6FRvxtQiVcgEG0A%3D%7C&hint=&td=&cc=DE&wsip=2886995206&bca=0&ugd=4&vgd_fm_lang=DE&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=243&vgd_opp_id=220049876279182731640568387499&fdkt=232&kwd[]=Die%20besten%20Aktien%20im%20DAX&kwt[]=232&kbc[]=c9e8e4d22c45b62597a973a6cf089718.d2s&kwp[]=1&kid[]=329464708&kbc2[]=0%7C%7Co_r%3D0.20%7C%7Cp_r%3D0.39%7C%7Cl_r%3D56%7C%7Cc%3D3%7C%7Crps%3D0.69%7C%7Cps%3D0.732%7C%7Crpc%3D0.88%7C%7Clvl%3D3.14&ktd[]=1126174801920768&kwd[]=Die%20besten%20der%20MBA%20Schulen&kwt[]=244&kbc[]=1203642517&kwp[]=2&kid[]=325052007&kbc2[]=c%3D-2%7C%7Crps%3D0.39%7C%7Cps%3D0.297%7C%7Crpc%3D0.80%7C%7Clvl%3D1.50&ktd[]=1126174801859328&kwd[]=Executive%20MBA%20Fernstudium&kwt[]=244&kbc[]=1203642517&kwp[]=3&kid[]=325052018&kbc2[]=c%3D-2%7C%7Crps%3D0.62%7C%7Cps%3D0.297%7C%7Crpc%3D0.64%7C%7Clvl%3D1.00&ktd[]=1126174801859328&kwd[]=Die%20besten%20Sprachschulen&kwt[]=244&kbc[]=1203642517&kwp[]=4&kid[]=326735490&kbc2[]=c%3D-2%7C%7Crps%3D1.05%7C%7Cps%3D0.297%7C%7Crpc%3D0.27%7C%7Clvl%3D1.00&ktd[]=1126174801859328&kwd[]=Die%20besten%20eBook-Reader&kwt[]=244&kbc[]=1203642517&kwp[]=5&kid[]=326742613&kbc2[]=c%3D-2%7C%7Crps%3D0.41%7C%7Cps%3D0.297%7C%7Crpc%3D0.08%7C%7Clvl%3D1.50&ktd[]=1126174801859328&kwd[]=Privat-Nachhilfe%20zu%20Hause&kwt[]=244&kbc[]=1203642517&kwp[]=6&kid[]=329495262&kbc2[]=c%3D-2%7C%7Crps%3D0.15%7C%7Cps%3D0.297%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=1126174801859328&kwd[]=Hochschulstipendien&kwt[]=244&kbc[]=1203642517&kwp[]=7&kid[]=329995346&kbc2[]=c%3D-2%7C%7Crps%3D0.15%7C%7Cps%3D0.297&ktd[]=1126174801859328&kwd[]=Die%20besten%20Online-MBA-Kurse&kwt[]=244&kbc[]=1203642517&kwp[]=8&kid[]=329553854&kbc2[]=c%3D-2%7C%7Crps%3D0.50%7C%7Cps%3D0.297%7C%7Crpc%3D0.54%7C%7Clvl%3D1.00&ktd[]=1126174801859328&rand=1640568388399&cid=8CUU53W3Y&vwid=1640568387893781905&vi=1640568387893781905&l3ch=1&slnkp=no&bdrct=0.00&vgd_rt=652&bto=102&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=1&vgd_usps=con&vgd_uspcs=1---&vgd_uspcss=cmp&vgd_sc=HE&vgd_l1rakh=1640568387136354907&vgd_l1rhst=contextual.media.net&vgd_lhl=823&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1640568387492&upk=1640568387.12554&hvsid=00001640568387492031177838086632&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D39351&vgd_hbReqId=T1640566657C8S34U760&vgd_isiolc=1&rtbsd=10&vgd_pgid=p11160540481t202112270126&matm=1640568388406&vgd_ltime=937&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D39351&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886995206&vgd_nrrsf=nrr&vgd_nrrv=25277&vgd_nrrs=25277&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-327825625%7CDIV-content&vgd_x_pos=330&vgd_y_pos=1854&vgd_ren_page_h=5100&vgd_cty=FRANKFURT&vgd_l1hcsd=N2%7C8517&vgd_sethcsd=N8%7C8509&vgd_cfud=211111&vgd_is_amp=0&vgd_optout=0&vgd_l2ch=1&vgd_ect=4g&vgd_rensize=620_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_pbcm=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&oRurl=http%3A%2F%2Fcdng%2Fwlfc.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26cb%3Dwindow._mNDetails.initAd%26%26gdpr%3D1%26uspenf%3D2%26cid%3D8CUU53W3Y%26cpcd%3Dkd3SDNcT0D4O2qOois3E0w%253D%253D%26crid%3D327825625%26size%3D600x250%26cc%3DDE%26https%3D1%26vif%3D1%26requrl%3Dhttps%253A%252F%252Fwww.urbandictionary.com%252F%26nse%3D5%26vi%3D1640562258606357003%26lw%3D1%26ugd%3D4%26rtbs%3D1%26nb%3D1%26blacpfl%3D1%26baeFlag%3D1%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A620%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A8&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV25277.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 27 Dec 2021 01:26:28 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1018 B
1 KB 61ms
60ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=191165&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22100537b497bfd81b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urbandictionary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22101065a7020e29aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191165%22%2C%22sid%22%3A%222%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x600_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221023580e2c143e21%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191165%22%2C%22sid%22%3A%222%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x600_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221038058eb6704c0c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22191165%22%2C%22sid%22%3A%222%22%2C%22dfp_ad_unit_code%22%3A%22%2F1031683%2FUD_ROS_300x600_ATF_Flex%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fa4e09005d25c6c9ca0ca08156258261a834729669dc98b8e1780de7f46028a2

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urbandictionary.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1018
x-ak-client-geo: 12
expires: Mon, 27 Dec 2021 01:26:29 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
269 B 52ms
52ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.urbandictionary.com%2F&tmax=1551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 14ms
13ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0ea74eda-e037-4b47-aa95-d13f625eede3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 14ms
13ms XHR
text/plain 35.157.51.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.51.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-51-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
849 B 269ms
268ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6317&site_id=126350&zone_id=598142&size_id=15&alt_size_ids=9%2C10&eid_pubcid.org=78e57d15-dd1e-46ae-98a1-7869c20eb5ce%5E1&rf=https%3A%2F%2Fwww.urbandictionary.com%2F&tg_i.dfp_ad_unit_code=1031683%2FUD_ROS_300x600_ATF_Flex&tg_i.pbadslot=1031683%2FUD_ROS_300x600_ATF_Flex&tk_flint=pbjs_lite_v4.43.0&x_source.tid=f6cded92-604c-47f7-9deb-2137d24c1efc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.846851745835983
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 947a09f5ce3555232293442b48c046261494fe79dab3a4bbf77e06ade1020265

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urbandictionary.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 362
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 71ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
993 B 104ms
103ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
date: Mon, 27 Dec 2021 01:26:28 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 10 KB
4 KB 79ms
78ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4TR801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a61e839600d86181b846ec06ce33c6729062dde0f755a16ddb640445302f950

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 70ms
70ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a66ed38c02d8&pos=1031683_ud_ros_300x600_atf_flex_1&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 43f5e335ca9eba391f49f36fa3f4fb02cdc98ecbaa7ef8343fcabceae6a54f27

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 mvo Show response
tag.1rx.io/rmp/74121/0/ 0
179 B 17ms
17ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74121/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urbandictionary.com
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
55ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.urbandictionary.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 213ms
165ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2967380673806602&correlator=3208193079962001&output=ldjh&impl=fifs&eid=31060439%2C31061814%2C31063898&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=1031683%2CUD_ROS_300x250_ATF_Flex&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C192x256%7C256x192%7C256x144%7C144x256%7C256x256%7C300x250%7C336x280&fluid=height&prev_scp=pwtsid_medianet%3D11572171044611e3%26pwtbst_medianet%3D1%26pwtecp_medianet%3D0.07%26pwtsz_medianet%3D336x280%26pwtsid_triplelift%3D120b9954d7a5d9df%26pwtbst_triplelift%3D1%26pwtecp_triplelift%3D0.17%26pwtsz_triplelift%3D336x280%26pwtsid_ix%3D1212d7bea83bdf81%26pwtbst_ix%3D1%26pwtecp_ix%3D0.05%26pwtsz_ix%3D336x280%26pwtsid_pubmatic%3D126f50d1c195a9b1%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%26pwtsid%3D120b9954d7a5d9df%26pwtbst%3D1%26pwtecp%3D0.17%26pwtpid%3Dtriplelift%26pwtpubid%3D156796%26pwtprofid%3D877%26pwtverid%3D81%26pwtsz%3D336x280%26pwtplt%3Ddisplay&eri=1&cust_params=experiment%3Dnone%26pb_update%3Dopenwrap%26page_type%3Dhome%26sfg_flag%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1640568388&dt=1640568388985&dlt=1640568387165&idt=1007&frm=20&biw=1600&bih=1200&oid=2&adxs=544&adys=967&adks=1214588104&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.urbandictionary.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=619x-1&msz=579x-1&ga_vid=1599655245.1640568388&ga_sid=1640568389&ga_hid=637738408&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef7572a19ba5927e9b49109e6fd11d6ca2bbb93f78179bc6d4921fff704ccda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8539
x-xss-protection: 0
google-lineitem-id: 5352191459
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138309100278
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 152ms
52ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a3f7144e808cdb189d4581b80d2f7e9cfdf112e39f429c190a3c23ff2f19b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8420
x-xss-protection: 0

GET
H2 200 container.html Show response
cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DA5 6 KB
4 KB 162ms
47ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Dec 2021 01:26:29 GMT
expires: Tue, 27 Dec 2022 01:26:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 167ms
129ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2967380673806602&correlator=1065188845023459&output=ldjh&impl=fifs&eid=31060439%2C31061814%2C31063898&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=1031683%2CUD_ROS_300x250_BTF_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pwtsid_sharethrough%3D12326ece8cc34ddd%26pwtbst_sharethrough%3D1%26pwtecp_sharethrough%3D0.28%26pwtsz_sharethrough%3D300x250%26pwtsid_medianet%3D117121e1b1bfa394%26pwtbst_medianet%3D1%26pwtecp_medianet%3D0.02%26pwtsz_medianet%3D300x250%26pwtsid_triplelift%3D1185e156d8347e5c%26pwtbst_triplelift%3D1%26pwtecp_triplelift%3D0.52%26pwtsz_triplelift%3D300x250%26pwtsid_pubmatic%3D1279b9afaae68acd%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%26pwtsid%3D1185e156d8347e5c%26pwtbst%3D1%26pwtecp%3D0.52%26pwtpid%3Dtriplelift%26pwtpubid%3D156796%26pwtprofid%3D877%26pwtverid%3D81%26pwtsz%3D300x250%26pwtplt%3Ddisplay&eri=1&cust_params=experiment%3Dnone%26pb_update%3Dopenwrap%26page_type%3Dhome%26sfg_flag%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1640568388&dt=1640568388995&dlt=1640568387165&idt=1007&frm=20&biw=1600&bih=1200&oid=2&adxs=490&adys=4367&adks=3253764306&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.urbandictionary.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=619x-1&msz=579x-1&ga_vid=1599655245.1640568388&ga_sid=1640568389&ga_hid=637738408&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c71704461d36379165b4b265df85892d3a482815d2843f3d7f9a094ca573b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0
google-lineitem-id: 5352191483
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138309100269
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 190ms
156ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2967380673806602&correlator=2913091734092140&output=ldjh&impl=fifs&eid=31060439%2C31061814%2C31063898&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=1031683%2CUD_ROS_728x90_ATF_Flex&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=pwtsid_medianet%3D1141e39fb4afdc56%26pwtbst_medianet%3D1%26pwtecp_medianet%3D0.05%26pwtsz_medianet%3D970x90%26pwtsid_triplelift%3D12829a1282e4edbc%26pwtbst_triplelift%3D1%26pwtecp_triplelift%3D0.17%26pwtsz_triplelift%3D728x90%26pwtsid_pubmatic%3D12577a20a38a4da6%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%26pwtsid%3D12829a1282e4edbc%26pwtbst%3D1%26pwtecp%3D0.17%26pwtpid%3Dtriplelift%26pwtpubid%3D156796%26pwtprofid%3D877%26pwtverid%3D81%26pwtsz%3D728x90%26pwtplt%3Ddisplay&eri=1&cust_params=experiment%3Dnone%26pb_update%3Dopenwrap%26page_type%3Dhome%26sfg_flag%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1640568389&dt=1640568389001&dlt=1640568387165&idt=1007&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=146&adks=4191665587&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.urbandictionary.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x122&msz=1600x90&ga_vid=1599655245.1640568388&ga_sid=1640568389&ga_hid=637738408&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

876bbf0a2b842a8cbb5cb24dbc1074ba204d7735af3c5469d3570d8b52ac8b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0
google-lineitem-id: 5352191459
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138309472504
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 173ms
145ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2967380673806602&correlator=2644927316598572&output=ldjh&impl=fifs&eid=31060439%2C31061814%2C31063898&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=1031683%2CUD_ROS_300x250_BTF_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pwtsid_medianet%3D116c10851d1fab76%26pwtbst_medianet%3D1%26pwtecp_medianet%3D0.02%26pwtsz_medianet%3D300x250%26pwtsid_ix%3D119a0aff3882c431%26pwtbst_ix%3D1%26pwtecp_ix%3D0.04%26pwtsz_ix%3D300x250%26pwtsid_pubmatic%3D1243ccbee0bd0a9d%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%26pwtsid%3D119a0aff3882c431%26pwtbst%3D1%26pwtecp%3D0.04%26pwtpid%3Dix%26pwtpubid%3D156796%26pwtprofid%3D877%26pwtverid%3D81%26pwtsz%3D300x250%26pwtplt%3Ddisplay&eri=1&cust_params=experiment%3Dnone%26pb_update%3Dopenwrap%26page_type%3Dhome%26sfg_flag%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1640568389&dt=1640568389007&dlt=1640568387165&idt=1007&frm=20&biw=1600&bih=1200&oid=2&adxs=490&adys=3050&adks=2063701895&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.urbandictionary.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=619x-1&msz=579x-1&ga_vid=1599655245.1640568388&ga_sid=1640568389&ga_hid=637738408&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

358b728e852cf39a6b55c9eb0a70aa7790e8ca39eff99669bf35b7a2cf7243d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8878
x-xss-protection: 0
google-lineitem-id: 4737621798
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240849880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3547 2 KB
1 KB 43ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 75BA 52 KB
17 KB 109ms
17ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 28 Dec 2021 01:26:31 GMT
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

1032790.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 64CB
Redirect Chain

https://sync.serverbid.com/ss/1032790.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

4 KB
4 KB

81ms
16ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

62dfe992f48c3ae7c1b6b12225a2a16e80177a3bdec3ae9064b012fad19166ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: Keep-Alive
Cache-Control: max-age=53619
Content-Length: 3659
Content-Type: text/html
Last-Modified: Thu, 18 Apr 2019 23:21:46 GMT
Accept-Ranges: bytes
etag: "41b3230f702a1f166f86197fb6e1e151"
x-amz-request-id: tx00000000000000099a3ff-0061c895e3-f95976c-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 84
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1640568389.dop226.am5.t,1640568389.cds251.am5.shn,1640568389.cds251.am5.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
cache-control: no-cache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D678 14 KB
5 KB 8ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=76134
expires: Mon, 27 Dec 2021 22:35:23 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8FBB 14 KB
5 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=76134
expires: Mon, 27 Dec 2021 22:35:23 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

1032790.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 24E5
Redirect Chain

https://sync.serverbid.com/ss/1032790.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

4 KB
4 KB

85ms
19ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

62dfe992f48c3ae7c1b6b12225a2a16e80177a3bdec3ae9064b012fad19166ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: Keep-Alive
Cache-Control: max-age=67619
Content-Length: 3659
Content-Type: text/html
Last-Modified: Thu, 18 Apr 2019 23:21:46 GMT
Accept-Ranges: bytes
etag: "41b3230f702a1f166f86197fb6e1e151"
x-amz-request-id: tx0000000000000118d7484-0061c8cce8-d1bfb72-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 5
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1640568389.dop002.am5.t,1640568389.cds119.am5.shn,1640568389.dop002.am5.t,1640568389.cds003.am5.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
cache-control: no-cache

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AE3C 23 KB
8 KB 230ms
229ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU4TR801&prvid=2034%2C2033%2C193%2C2030%2C273%2C157%2C2027%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3008%2C3007%2C3%2C201%2C4%2C246%2C203%2C126%2C9%2C208%2C171%2C251%2C175%2C132%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C3014%2C76%2C77%2C38%2C182%2C261%2C184%2C262%2C141%2C186%2C188%2C222%2C102%2C301%2C225%2C226%2C106%2C80%2C10000%2C229%2C108%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbc058e52f83414e86ec45a7698feafd009bffeffd2e11877e155a63f3acd4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 29 Dec 2021 01:26:29 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 8352

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BC4E 52 KB
17 KB 100ms
15ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 28 Dec 2021 01:26:31 GMT
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8D7F 23 KB
8 KB 229ms
229ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbc058e52f83414e86ec45a7698feafd009bffeffd2e11877e155a63f3acd4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 29 Dec 2021 01:26:29 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 8352

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 67A3 14 KB
5 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=76134
expires: Mon, 27 Dec 2021 22:35:23 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

1032790.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 5ED1
Redirect Chain

https://sync.serverbid.com/ss/1032790.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

4 KB
4 KB

81ms
16ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

62dfe992f48c3ae7c1b6b12225a2a16e80177a3bdec3ae9064b012fad19166ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: Keep-Alive
Cache-Control: max-age=71424
Content-Length: 3659
Content-Type: text/html
Last-Modified: Thu, 18 Apr 2019 23:21:46 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "41b3230f702a1f166f86197fb6e1e151"
x-amz-request-id: tx0000000000000069a86fb-0061c8dbc5-ef451db-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1640568389.dop114.am5.t,1640568389.cds290.am5.shn,1640568389.cds290.am5.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
cache-control: no-cache

GET
H/1.1

200
OK

1032790.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 14D5
Redirect Chain

https://sync.serverbid.com/ss/1032790.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

4 KB
4 KB

83ms
17ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

62dfe992f48c3ae7c1b6b12225a2a16e80177a3bdec3ae9064b012fad19166ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: Keep-Alive
Cache-Control: max-age=67619
Content-Length: 3659
Content-Type: text/html
Last-Modified: Thu, 18 Apr 2019 23:21:46 GMT
Accept-Ranges: bytes
etag: "41b3230f702a1f166f86197fb6e1e151"
x-amz-request-id: tx0000000000000118d7484-0061c8cce8-d1bfb72-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 5
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1640568389.dop004.am5.t,1640568389.cds145.am5.shn,1640568389.dop004.am5.t,1640568389.cds003.am5.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
cache-control: no-cache

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5F4A 2 KB
1 KB 31ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 0A73
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

11ms
9ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 17f8c38e578718cdd0fe840056e389717e8e7694e7a83a75eb28d4705ff60b55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 7AFF 0
0 27ms
26ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13414399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: nginx
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 43E6 52 KB
17 KB 93ms
16ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 28 Dec 2021 01:26:31 GMT
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 331F 0
0 27ms
27ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13414399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: nginx
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 824C 23 KB
8 KB 221ms
220ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbc058e52f83414e86ec45a7698feafd009bffeffd2e11877e155a63f3acd4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 29 Dec 2021 01:26:29 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 8352

GET
H2

200

sync Show response
eb2.3lift.com/ Frame BDAB
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

10ms
9ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 17f8c38e578718cdd0fe840056e389717e8e7694e7a83a75eb28d4705ff60b55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 91D9 0
0 26ms
26ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13414399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: nginx
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 68FA 2 KB
1 KB 26ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0F68 281 B
554 B 34ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame BB7A 23 KB
8 KB 218ms
218ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbc058e52f83414e86ec45a7698feafd009bffeffd2e11877e155a63f3acd4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 29 Dec 2021 01:26:29 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 8352

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame B1D0 2 KB
1 KB 26ms
6ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 312A 52 KB
17 KB 85ms
16ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 28 Dec 2021 01:26:31 GMT
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 00D4 0
0 26ms
25ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13414399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Server: nginx
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A6A0 52 KB
17 KB 76ms
9ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 28 Dec 2021 01:26:31 GMT
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 629F
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

10ms
9ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 17f8c38e578718cdd0fe840056e389717e8e7694e7a83a75eb28d4705ff60b55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync Show response
eb2.3lift.com/ Frame E05A
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

9ms
8ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 17f8c38e578718cdd0fe840056e389717e8e7694e7a83a75eb28d4705ff60b55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D0E4 14 KB
5 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=76134
expires: Mon, 27 Dec 2021 22:35:23 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D678 2 KB
2 KB 66ms
16ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2091790&p=156796&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c86d9eefc9313a8a8f902e2ff7c971f1684eb0d8318085237180abfdd583ffed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1811
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0F68 32 KB
10 KB 9ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61065
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E05A 70 B
264 B 111ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf
eb2.3lift.com/ Frame E05A
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf

37 B
155 B

10ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame E05A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

10ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E05A
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

170 B
188 B

99ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame E05A 0
363 B 149ms
109ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9634054160953369579&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 67EA36D90EF4479DA799E6887BD508C2 Ref B: FRAEDGE1515 Ref C: 2021-12-27T01:26:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUFpgRoQsCY3+G8MAdoQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame E05A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZvDTrW5E2oQvN7rIKkfzoi0mkZWtYTFrkczKMuba5Q--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZvDTrW5E2oQvN7rIKkfzoi0mkZWtYTFrkczKMuba5Q--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZvDTrW5E2oQvN7rIKkfzoi0mkZWtYTFrkczKMuba5Q--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E05A 43 B
220 B 56ms
8ms Image
image/gif 18.197.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=9634054160953369579&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.42.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame E05A 42 B
258 B 75ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9634054160953369579&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C4AEBB01D944AD1832204601585038F Ref B: FRAEDGE1221 Ref C: 2021-12-27T01:26:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame E05A
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

0
0

184ms
100ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V8272RPFK2AMAXTB9DBP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E05A
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

30ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 629F 70 B
264 B 110ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=n79tskhfp&dongle=u6nf
eb2.3lift.com/ Frame 629F
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=n79tskhfp&dongle=u6nf

37 B
155 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=n79tskhfp&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=n79tskhfp&dongle=u6nf
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 629F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 629F
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

170 B
188 B

97ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 629F 0
706 B 141ms
104ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9634054160953369579&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1B3381B820914998B51CC23CACCADAF7 Ref B: FRAEDGE1515 Ref C: 2021-12-27T01:26:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUFpgRoR/8VlV0LJE8bQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame 629F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-GkSpDqFE2oTa_I7Cnw1TsTcQIfzARCYvYTu93G7p4w--~A&dongle=0883

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-GkSpDqFE2oTa_I7Cnw1TsTcQIfzARCYvYTu93G7p4w--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-GkSpDqFE2oTa_I7Cnw1TsTcQIfzARCYvYTu93G7p4w--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 629F 43 B
220 B 54ms
8ms Image
image/gif 18.197.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=9634054160953369579&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.42.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 629F 42 B
259 B 73ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9634054160953369579&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70834F9EA75E4778A80AD0DC1BE1DF6A Ref B: FRAEDGE1221 Ref C: 2021-12-27T01:26:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 629F
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

0
0

185ms
100ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QV9508GF5HFRC4E29Z4K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 629F
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

31ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BDAB 70 B
265 B 109ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=c79tbChfp&dongle=u6nf
eb2.3lift.com/ Frame BDAB
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=c79tbChfp&dongle=u6nf

37 B
155 B

8ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=c79tbChfp&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=c79tbChfp&dongle=u6nf
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame BDAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDAB
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

170 B
188 B

99ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame BDAB 0
577 B 144ms
108ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9634054160953369579&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 420F6EB6FB654C919079D972C83E1521 Ref B: FRAEDGE1515 Ref C: 2021-12-27T01:26:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUFpgRpa12nQzL+7YYMQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame BDAB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-qSfg3xVE2oT8.82Ju0sNm8CxGwa55TIPTJPC9OBzDQ--~A&dongle=0883

37 B
352 B

11ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-qSfg3xVE2oT8.82Ju0sNm8CxGwa55TIPTJPC9OBzDQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-qSfg3xVE2oT8.82Ju0sNm8CxGwa55TIPTJPC9OBzDQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame BDAB 43 B
220 B 53ms
8ms Image
image/gif 18.197.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=9634054160953369579&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.42.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame BDAB 42 B
259 B 70ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9634054160953369579&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD345A2399DB4C2F9695BB49EC68B2F3 Ref B: FRAEDGE1221 Ref C: 2021-12-27T01:26:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame BDAB
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

0
0

322ms
101ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JJWDND1JQYKT26CVZQBN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BDAB
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

30ms
29ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0A73 70 B
264 B 110ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf
eb2.3lift.com/ Frame 0A73
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf

37 B
155 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 0A73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGUp9gpONcDiDgwlWDyCZy8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A73
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

170 B
188 B

99ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 0A73 0
362 B 154ms
121ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9634054160953369579&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A7EFBBFA9E04419C89DBDF97946D8068 Ref B: FRAEDGE1515 Ref C: 2021-12-27T01:26:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUFpgRpFfdhp/nZNwfYQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame 0A73
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9634054160953369579?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QgTDjGpE2oRG1krIPA10ruws3c6d4v7H9kLIVHIJgQ--~A&dongle=0883

37 B
352 B

10ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-QgTDjGpE2oRG1krIPA10ruws3c6d4v7H9kLIVHIJgQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-QgTDjGpE2oRG1krIPA10ruws3c6d4v7H9kLIVHIJgQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 0A73 43 B
220 B 51ms
8ms Image
image/gif 18.197.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=9634054160953369579&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.42.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 0A73 42 B
592 B 67ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9634054160953369579&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:28 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FA29862C15C4FC6B6A980D00A0E55D5 Ref B: FRAEDGE1221 Ref C: 2021-12-27T01:26:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 0A73
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

0
0

319ms
99ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6V11Z1V4JPJM1NT1XVGF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 0A73
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

10ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 15E8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

19ms
19ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 728c9a9952347dce2efe7452438e76d72e5107dd92395febd377e146fa464cf4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|10|73|88|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1672
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame B55E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

19ms
18ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c60a61732841bead09d6801d940efd42964503d476d620ff3e009c5146d495b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|239|195|90|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1837
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 772C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

18ms
18ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 19fcb061c321a980bfbfe07037524dd4f0476c1971d6bbbeb1bb76d56660e94a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|88|90|190|5
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1713
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 3EBE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

17ms
17ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f5cb993a0d38717b49cd64e977fff7338fc7f47c97760d256366b873ac9275e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|218|156|8|123
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1595
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 142ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame A6A0
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
807 B

21ms
20ms

Script
text/html

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f5e2efe2-b897-48d3-84e8-9a8af9e3806a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ee4f3960-9335-41f1-b00c-bbe0e814781c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 66AC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551

35 B
468 B

20ms
19ms

Document
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=350B745B-C7AE-4497-937B-9CBD22D89551
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 52B9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341311249734111238

42 B
519 B

65ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341311249734111238
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 27 Dec 2021 01:26:27 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:328
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341311249734111238
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D678
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NQt0W8euRJeTe5y9ItiVUQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

8ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=76134
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Mon, 27 Dec 2021 22:35:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D678
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=386961c9-1645-4600-ab5d-b8456addc617

0
260 B

80ms
16ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=386961c9-1645-4600-ab5d-b8456addc617
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:17:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: MT3 4133 baa842e master cdg-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=386961c9-1645-4600-ab5d-b8456addc617
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D678
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=350B745B-C7AE-4497-937B-9CBD22D89551
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=61a777059d243ce2766c4babc72e3e5a
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=456b261a-6772-44d4-bdfe-6385b9439d94&icm
https://spl.zeotap.com/?zdid=1332&zcluid=2e600e5c7dd14c06
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd2cfabf9b2&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEATY3WWfujy4hurJAb_egF8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd...

95 B
164 B

39ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEATY3WWfujy4hurJAb_egF8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd2cfabf9b2&zcluid=2e600e5c7dd14c06&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6c3ec2d6fb2243b8-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEATY3WWfujy4hurJAb_egF8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7a2d47b5-2c92-406f-5426-4a80e51ab110&reqId=212b8ec5-6f13-49db-5322-fbd2cfabf9b2&zcluid=2e600e5c7dd14c06&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D678
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzUwQjc0NUItQzdBRS00NDk3LTkzN0ItOUNCRDIyRDg5NTUx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

56ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:340
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D678
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3iksR9QnR7BWWBqUCQTeY&google_cver=1

42 B
439 B

20ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3iksR9QnR7BWWBqUCQTeY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:392
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3iksR9QnR7BWWBqUCQTeY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D678 43 B
614 B 56ms
17ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 26 Dec 2021 01:26:29 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D678
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d07061c9-1645-4a00-b232-e2ae32532fe8&gdpr=0&gdpr_consent=

42 B
647 B

68ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d07061c9-1645-4a00-b232-e2ae32532fe8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:393
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d07061c9-1645-4a00-b232-e2ae32532fe8&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D678
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5955457939755122757

42 B
390 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5955457939755122757
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:28 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:370
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5955457939755122757
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BC4E 0
735 B 13ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 99b477c0-b2e4-490c-b72c-5d3d99e9dbf3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame 16E9 124 KB
36 KB 14ms
14ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 772767f8cc04b25657a494a2a5aca873aede7c06b52bbd460222beedd917b1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
Age: 0
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 35947
X-Served-By: cache-hhn4020-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1640568389.217543,VS0,VE6
ETag: e070a5f9d97ac71eb78dd8738860cc75e81acbc2
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 204 beacon
api.urbandictionary.com/v0/ 0
76 B 350ms
350ms Ping
text/html 2a00:1450:4019:80c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.urbandictionary.com/v0/beacon
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:80c::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cloud-trace-context: 2502dc00f98f5e8b09f0517d7ad16b08
cache-control: no-cache, no-store, must-revalidate
server: Google Frontend
x-license: http://api.urbandictionary.com/
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 43E6 0
735 B 21ms
20ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: adddee81-9893-41a0-acdb-3c092181c995
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 312A 0
735 B 15ms
15ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d7b97aa-b191-445e-abb3-c49ee40c91c7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame E02B 130 KB
37 KB 9ms
9ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f27226a8124728cfd13b4af5c10200a99cd62486354895740efbcc56ef4e0c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
Age: 184
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 37233
X-Served-By: cache-hhn4020-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1640568389.236795,VS0,VE1
ETag: b7863b356bd3df35fe287a78ea014ca6a16b50b9
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 204 beacon
api.urbandictionary.com/v0/ 0
66 B 349ms
349ms Ping
text/html 2a00:1450:4019:80c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.urbandictionary.com/v0/beacon
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:80c::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cloud-trace-context: db2b1c730a4367e849778abe3c422146
cache-control: no-cache, no-store, must-revalidate
server: Google Frontend
x-license: http://api.urbandictionary.com/
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 75BA 0
735 B 16ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b2a9c17-a815-484c-baa0-11b06c77edca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame BFB2 112 KB
32 KB 13ms
11ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6OTcweDkw&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZPVGN3ZURrdyIsIndkIjp7Im8iOjI2ODYwMzM2MzEsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e992e4a930bdca4151aff4635515d50cc4a1752f2fc62b560d2d403201db010f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
Age: 0
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 32731
X-Served-By: cache-hhn4020-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1640568389.253070,VS0,VE5
ETag: 61564b464b3fa0223f9c4ea05bc70bd639692771
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 204 beacon
api.urbandictionary.com/v0/ 0
74 B 346ms
343ms Ping
text/html 2a00:1450:4019:80c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.urbandictionary.com/v0/beacon
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:80c::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cloud-trace-context: a2f412042e70bd61af88fc2bf1abad67
cache-control: no-cache, no-store, must-revalidate
server: Google Frontend
x-license: http://api.urbandictionary.com/
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame D5BF 130 KB
37 KB 7ms
7ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MjU2eDE0NA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNalUyZURFME5BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMjU2IiwiaCI6IjE0NCJ9LCJ3ciI6Mn0=
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 556c70de22653ea4c61432d9b4661c897ebc7df8416cf69070f580a7fc5792cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
Age: 190
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 37232
X-Served-By: cache-hhn4020-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1640568389.284537,VS0,VE1
ETag: b7863b356bd3df35fe287a78ea014ca6a16b50b9
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 99ms
51ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.urbandictionary.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 254ms
254ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2967380673806602&correlator=256740278183887&output=ldjh&impl=fifs&eid=31060439%2C31061814%2C31063898%2C676982961&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=1031683%2CUD_ROS_300x600_ATF_Flex&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C160x600&prev_scp=pwtsid_medianet%3D131042ac60a91cb5%26pwtbst_medianet%3D1%26pwtecp_medianet%3D0.05%26pwtsz_medianet%3D300x600%26pwtsid_ix%3D1297d2bd3117b71c%26pwtbst_ix%3D1%26pwtecp_ix%3D0.04%26pwtsz_ix%3D300x250%26pwtsid_pubmatic%3D130eac983e524684%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%26pwtsid%3D131042ac60a91cb5%26pwtbst%3D1%26pwtecp%3D0.05%26pwtpid%3Dmedianet%26pwtpubid%3D156796%26pwtprofid%3D877%26pwtverid%3D81%26pwtsz%3D300x600%26pwtplt%3Ddisplay&eri=1&cust_params=experiment%3Dnone%26pb_update%3Dopenwrap%26page_type%3Dhome%26sfg_flag%3Dfalse&cookie=ID%3D7fcd3dc3ef7aec15-22297b0010cd0025%3AT%3D1640568389%3AS%3DALNI_MbYxS_YE6nTW_3UbFf7AYh1GBVbGw&bc=31&abxe=1&lmt=1640568389&dt=1640568389337&dlt=1640568387165&idt=1007&frm=20&biw=1600&bih=1200&oid=2&adxs=970&adys=593&adks=3618066576&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.urbandictionary.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=299x-1&msz=299x-1&psts=AGkb-H-RLU9Z_Ydl5amCDrHEGaqhJZ-woABLvyGTJdc_iVLY-U5ziaBDNGw7aRZgejYFXW8qaa2UndACJA%2CAGkb-H8J1qB0fldJ25mCEuA_usNTkkZw1pTqUaL0El_TjscYqijm2v-vvbx_h2DfRUESgJsk5f5jbkor%2CAGkb-H8-dR-uqv_V9XyA28XbceRCyn7m0fjpLU0XzXCDbSrOo_BBiOEVdqDu_HCa0Add-AmOIbztLN9d%2CAGkb-H-t2kjU3DjUeVKIUNlsw23gD5JqA69OJ9ysgiHyzo9NVYWK_Py-O-qm3izDtFZEkJBZr9HDPk_E&ga_vid=1599655245.1640568388&ga_sid=1640568389&ga_hid=637738408&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e735dd34ecd465da6008b63e4006611a487b8de11d057a5e18f1220e9c694eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10287
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16E9 0
0 78ms
77ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu482OOfmFSmtBRDYZWfQxkPqGRwDZioMll_SKDyDqzh2ckoqwt0L1wOpoMXFUFjKVtKwWJnoqgJRZqD5oiQbq7zNIMjU9C1QVcpJL_dcxhamEHZcafuT4MIILxpcfyF7kBCumPq1j8f8w72bZIAHpwhKWy5brSzZXo7yRZpyGM4PuSVj_tOeMTXJw94_1cstDN15PKQy2CcqvldY1Jq_CjaaH9cut87W3L7Fsbi4Nq1j9AN6CmUuhXXcZW8psxIg4QSM1oLYpeke3xniqBMKaCe8YpK8srni7ToHrNJDgcfYIM6PS00DRlagODsnz5PE_7wDGPPEhlBHCV&sai=AMfl-YQPbDRGzJjibrkTrExO5BJFfbnqs-2wjN3e4Z0HTbZe8h_STv1IjzrdpvaU2JjGyKPAxgBrPPq92kUDtkpjCOzUNiGe9sA8xlKiISFoPReKhcqE1rYLVRfMCFWBEa8&sig=Cg0ArKJSzKHst1nDjeRUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 16E9 10 KB
4 KB 43ms
14ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=UD_300x250_BTF2
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: /
Resource Hash: eabe49325f664d9b3f39c4d10db423329aeb89639eb5842dbdf4396e484eee84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: "ec656e34c38bab5d7e140573206aa0a1"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-encoding: gzip
content-length: 3560
x-amz-cf-id: 0QD2IshrkUxRJ0zi2YCShXSGrhBjkHNfVPQHc3bDbH7gWot3ZZBMDw==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16E9 119 KB
36 KB 101ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame 16E9 37 B
183 B 10ms
8ms Image
image/gif 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=${AUCTION_PRICE}&ts=1640568388&aid=107613134515662448340&ec=7354_130951_52094793&n=GgDyAroBCAASFTEwNzYxMzEzNDUxNTY2MjQ0ODM0MBgAIAEoujkwh%2F8HQAFIAFABYApoAHCNuyKQAQCYAQCoAQCwAbYFuAFkwAGJBMgBtgXgAW7wAQD4AbYFgAKJBIgCbpECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4ApA3gAOsAogD%2BgGQAwCYAwCgAwC4A6LeS8ADAMgDANIDCDUyMDk0Nzkz%2BAIMiAMAkgMEQUQyMA%3D%3D
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 16E9 37 B
139 B 10ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=107613134515662448340
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 83ms
11ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156796&purl=https%3A%2F%2Fwww.urbandictionary.com%2F&tst=1640568389&iid=4c8b1956-efb1-47c9-bae1-b52c48a04817-dfeen&bidid=1185e156d8347e5c&pid=877&pdvid=81&slot=Define_300x250_3&au=%2F1031683%2FUD_ROS_300x250_BTF_2&bc=triplelift&pn=triplelift&en=0.52&eg=0.52&kgpv=%2F1031683%2FUD_ROS_300x250_BTF_2%40300x250&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 16E9 68 B
345 B 52ms
11ms Image
image/png 18.159.117.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MzAweDI1MA==&v=5&s=eefb95f128e202b219e493467b2596af06eded5a&id=eyJkZnAiOnsiYWQiOjk5NjMzLCJjIjoxMzgzMDkxMDAyNjksImwiOjUzNTIxOTE0ODMsIm8iOjI2ODYwMzM2MzEsIkEiOiIvMTAzMTY4My9VRF9ST1NfMzAweDI1MF9CVEZfMiIsInkiOjAsImNvIjowLCJzIjoiRGVmaW5lXzMwMHgyNTBfMyJ9fQ%3D%3D&sb=undefined&cb=2929129&h=www.urbandictionary.com
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E02B 0
0 76ms
74ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdEmplW8en7K9g0frVRutYhsgEVNB0binFXoKOfhbMQQTBWSvXzhKcF7eAhLCKKc72lL9lu4JX115cyAjZ6YVzaMG4rNshNoyFf7y4uXxff0QBem4iylk71VB1SXaSkipf52yNoSMgc3hzSsQbtI60ZDT2VGIOyfvxL1Awxd2EcnN0eJnpXJgXseBalFJdqdDadly8hsxPFDYWVhq87Gc-kER5YuzrEoyeliudp5wCcKNhRW2aOpn6bNc4WPuuJ5FneWOoQZb1435lEE1Z_hfob4woScmkt6rd3_QR3cz4GY8-1JKEmsGGaC9ya5Mdk5wJIt3EuZJMVoI&sai=AMfl-YSgSbLkmi946mWO25nTK380JYOJp8pyMGqJ4-0L5PvocGz3qF_-GHM5syptoIyyGsQ4mnSsAonT3JZZJ_tBjmePkjsfM2DdXCgX6oeVS-u8BgR2iLXtVEYg5wM2-3zz&sig=Cg0ArKJSzECTXpwmndHwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E02B 933 B
1 KB 77ms
17ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43157361;rtbwp=YckWRAAAAABDVqoou9VTssznLIqxVh2BBb1zNw;rtbdata=mxYYoVJbhlVd6qv1GaTkk5zZdBcq-OOGEBjkTRK5ePgtKxSXjrg5inVQfQhSZ-tghzFaYIvj4TX9bzpk80h_mFPTq29bgYoQWZ6OcSZRT9mZPhbG2DVR2ExxrfP1JdsnOQdMZMoNmgeORFenOLXVyIYcD1xJ3XZ9gtcW73zADlIVAsxVvZrpaCCHi5trHHMYXFyYKhJRvxquzbUM9_cJogY_XY_D3lCi0

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

1465ae8c2077abe2436d2e196b3ad677052e27523af6ec4740dbce18e85035e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 801
expires: -1

GET
H/1.1 200
OK v1
a5261.casalemedia.com/impression/ Frame E02B 43 B
303 B 40ms
8ms Image
image/gif 185.170.61.202
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5261.casalemedia.com/impression/v1?bidID=348b4978-a42b-442a-969b-0b2de5dedf37&traceID=c74hch0sr69bp5hia1sg&dspID=111&userID=&cmpro=0&ap=${AUCTION_PRICE}
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.61.202 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E02B 119 KB
36 KB 114ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 68ms
12ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156796&purl=https%3A%2F%2Fwww.urbandictionary.com%2F&tst=1640568389&iid=e06e677a-625e-4775-bb68-e1c3a5cc5288-eueen&bidid=119a0aff3882c431&pid=877&pdvid=81&slot=Define_300x250_2&au=%2F1031683%2FUD_ROS_300x250_BTF_1&bc=ix&pn=ix&en=0.04&eg=0.04&kgpv=%2F1031683%2FUD_ROS_300x250_BTF_1%40300x250&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame E02B 68 B
345 B 38ms
12ms Image
image/png 18.159.117.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=5&s=776a996332cf997b845416eb30d8b82cc684cc3a&id=eyJkZnAiOnsiYWQiOjk5NjMzLCJjIjoxMzgyNDA4NDk4ODAsImwiOjQ3Mzc2MjE3OTgsIm8iOjIzNTA1NDUwMjMsIkEiOiIvMTAzMTY4My9VRF9ST1NfMzAweDI1MF9CVEZfMSIsInkiOjAsImNvIjowLCJzIjoiRGVmaW5lXzMwMHgyNTBfMiJ9fQ%3D%3D&sb=undefined&cb=760658&h=www.urbandictionary.com
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3EBE 70 B
264 B 31ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3EBE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

43 B
645 B

104ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YV29KQ837DNP2G7021Z7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3227NW7FQHFGHN9NS0B9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3EBE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

43 B
1011 B

15ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3EBE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

43 B
315 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YckWRZwlS.tA.TVA2RnE-gAA%261204
dpm.demdex.net/ Frame 3EBE 0
0 199ms
33ms Image
application/json 52.16.124.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YckWRZwlS.tA.TVA2RnE-gAA%261204?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.124.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-124-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 3EBE 35 B
380 B 387ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:28 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3EBE
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2446002a-8032-4cdb-9d07-bed53b35ef2b&expiration=1672104389

43 B
1 KB

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2446002a-8032-4cdb-9d07-bed53b35ef2b&expiration=1672104389
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2446002a-8032-4cdb-9d07-bed53b35ef2b&expiration=1672104389
date: Mon, 27 Dec 2021 01:26:29 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3EBE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0gKDTYIsQiN1-P65igAj_rnVm6Y

43 B
1 KB

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0gKDTYIsQiN1-P65igAj_rnVm6Y
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0gKDTYIsQiN1-P65igAj_rnVm6Y
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3EBE 43 B
425 B 12ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1346
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:48:55 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 772C 70 B
264 B 34ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 772C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

43 B
1011 B

18ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 772C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

43 B
315 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 772C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

43 B
645 B

203ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CGS2RX41HHQ2GH93TBYA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PRVPZN5GRWX7MZ71B84G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 772C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAAAaVcOQAF

85 B
163 B

10ms
5ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAAAaVcOQAF
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 272
x-served-by: cache-hhn4077-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1640568390.645966,VS0,VE0
content-length: 85
x-cache-hits: 800

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640568389.464816,VS0,VE89
x-served-by: cache-hhn4077-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAAAaVcOQAF
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 772C
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
278 B

22ms
21ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 26 Dec 2021 01:26:29 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 772C 0
0 19ms
13ms Image
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 772C 0
0 46ms
19ms Image
text/html 2606:4700:3039::6815:c079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 772C 43 B
425 B 12ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1346
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:48:55 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B55E 70 B
264 B 33ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B55E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

43 B
645 B

204ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NRGVVWNEB4WFMJN8XNVB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4DBJSHFJZ8KPXHDPBQEX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B55E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

43 B
1011 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B55E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

43 B
315 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame B55E 43 B
727 B 146ms
53ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204&gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1640568389228072-353
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B55E
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-53467a0e-216e-4b45-b675-5039ca23607d

43 B
1 KB

33ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-53467a0e-216e-4b45-b675-5039ca23607d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-53467a0e-216e-4b45-b675-5039ca23607d
date: Mon, 27 Dec 2021 01:26:29 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame B55E
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
278 B

22ms
22ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 26 Dec 2021 01:26:29 GMT

GET
H2 200 tpid=YckWRZwlS.tA.TVA2RnE-gAA%261204
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame B55E 49 B
737 B 45ms
40ms Image
image/gif 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YckWRZwlS.tA.TVA2RnE-gAA%261204?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.247
content-type: image/gif
content-length: 49
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame B55E 43 B
425 B 10ms
6ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1346
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:48:55 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 15E8 70 B
264 B 33ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 15E8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YckWRZwlS.tA.TVA2RnE-gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2

43 B
1011 B

18ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 15E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1

43 B
315 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELR8rl8MXnkj5-zaQ29jfLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 15E8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

43 B
645 B

102ms
100ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AJPMWVENEV0ZRS85K2BA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5Y3YV3G40JDPV16PTQEA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 15E8
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=634835032505

43 B
984 B

41ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=634835032505
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=634835032505

GET
H2 200 YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 15E8 43 B
877 B 35ms
32ms Image
image/gif 2a05:d018:d29:3605:15eb:8f8e:fe0:229e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YckWRZwlS-tA-TVA2RnE_gAABLQAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:15eb:8f8e:fe0:229e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 15E8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YckWRQAA749dnQAF
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YckWRQAA749dnQAF&gdpr=1&_test=YckWRQAA749dnQAF

43 B
1 KB

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YckWRQAA749dnQAF&gdpr=1&_test=YckWRQAA749dnQAF
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640568390.776537,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YckWRQAA749dnQAF&gdpr=1&_test=YckWRQAA749dnQAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 15E8 0
330 B 21ms
18ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 15E8 43 B
425 B 10ms
8ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.urbandictionary.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1346
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:48:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFB2 0
0 75ms
75ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAEIb-ICPbnf-VSkJCblsK7Zj567oj-hJyoi_zNEs15c2sGrpA8ueZo2A92ueWqhOn0kqPSdfWV0U1mG7AJcNai2gAQc8J9AVVX9qwCtWqwQ_Uj4Xv5rPVZnAOF-eaG8gkVQr3Vkw44tkKqN9p28WncMTYajr5qlcYBf_0FKCEUcMW2Af5QARlwKba9SlFuwGgrUHOCUZkeHRdgKN0E4oiNoWlqNQWjT8QQSX2ojZ5k5CT7C5z-qDAGQ5GSY4fdADo0RJo9ctLrG71puOnztkEYNlHXa-6KtVBGGAeZXBNcofg9ys0oDPpiPKETPICD8jMjuHfBrocy3Tm6jk&sai=AMfl-YT69QgSMpq8N02WdD1xpJao9asiIJebO9zzQbNw29FLNI0Q2OWk6ri0nkPJ71ZGiSxJyqOBiqgs-Gp_ycgN0WT8fM7_z_5KA0Pvb6z2UCxtAZKVVK4Qcxh6QSSosQIm&sig=Cg0ArKJSzMUUlepDxInHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ttj Show response
ib.3lift.com/ Frame BFB2 9 KB
4 KB 11ms
11ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=UD_desktop_leaderboard
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6OTcweDkw&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZPVGN3ZURrdyIsIndkIjp7Im8iOjI2ODYwMzM2MzEsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: /
Resource Hash: 0a6dba6be9fabace7b448e1f431cf5660a8e30028e895226b8e15f45eb7c13aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: "cc1dfa29921e238dc136fe1557a15cb2"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-encoding: gzip
content-length: 3469
x-amz-cf-id: c-ttZPNs1rMKI55Dxh7C53VuEskKsG6IB_NYZ_YiAoU_V5HPuOr6ZQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFB2 119 KB
36 KB 128ms
115ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6OTcweDkw&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZPVGN3ZURrdyIsIndkIjp7Im8iOjI2ODYwMzM2MzEsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame BFB2 37 B
183 B 26ms
25ms Image
image/gif 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=${AUCTION_PRICE}&ts=1640568388&aid=108506165963685801330&ec=3690_62334_9690035&n=GgDyArgBCAASFTEwODUwNjE2NTk2MzY4NTgwMTMzMBgAIAEo6hww%2FuYDQAFIAFAAYApoAHCjgAOQAQCYAQCoAQCwAYMCuAFkwAGuAcgBgwLgAW7wAQD4AYMCgAKuAYgCbpECAAAAAAAA8D%2BZAh%2BF61G4HtU%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AuE4gAPYBYgDWpADAJgDAKADALgDsf0SwAMAyAMA0gMHOTY5MDAzNfgCDIgDAJIDBDM5OTU%3D
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame BFB2 37 B
139 B 11ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=108506165963685801330
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 49ms
12ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156796&purl=https%3A%2F%2Fwww.urbandictionary.com%2F&tst=1640568389&iid=0b1aff0b-3057-4e09-bd6e-8c245a1dc387-fendi&bidid=12829a1282e4edbc&pid=877&pdvid=81&slot=UD_ROS_728x90_ATF_Flex&au=%2F1031683%2FUD_ROS_728x90_ATF_Flex&bc=triplelift&pn=triplelift&en=0.17&eg=0.17&kgpv=%2F1031683%2FUD_ROS_728x90_ATF_Flex%40728x90&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame BFB2 68 B
345 B 28ms
12ms Image
image/png 18.159.117.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6OTcweDkw&v=5&s=a3d1d67d934e84b5fe21aaa9c1f8ccbce7bd6cd3&id=eyJkZnAiOnsiYWQiOjk5NjMzLCJjIjoxMzgzMDk0NzI1MDQsImwiOjUzNTIxOTE0NTksIm8iOjI2ODYwMzM2MzEsIkEiOiIvMTAzMTY4My9VRF9ST1NfNzI4eDkwX0FURl9GbGV4IiwieSI6MCwiY28iOjAsInMiOiJVRF9ST1NfNzI4eDkwX0FURl9GbGV4In19&sb=undefined&cb=1975926&h=www.urbandictionary.com
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5BF 0
0 75ms
75ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX5xjX8NlZrPoOcR2KUGF3IE8JTj5BHFuI95qz1SJHkD_SIf9Ih6t164iQafCr7gkiXMvqQxumJlyie4-nGlyvohzweAGjtLdGc273No1ghNrjMx8NDpkHXc_cg077CUtwXUYHA5tzbGCMKHOe2KQjJgIy9ET8sBjzNcofSxDmiGTkqUhW2PpOJYGJnCT2v3sYOoDzN_vd-knYJuA2jD8gpgeLQ5bnwagUpzTC5aoUW0jF0prK_XtUKIHa5Er8uMhxp2nfRRZGRget7XrgQwvB88m4BZOmlNNdPPtaKK-1opKvsocaCGvW2NSY81sVZPdCTYj5zVzNhtQz0R1w&sai=AMfl-YR9Keh6f_T3k7DZIR3IOqOHr5s_BWoXojupLa2gZ7VAt1iiCo48lvOBG-m_b-kiQnHtHnKd5-i-MLhIDbb-rATsw6w5tpSfJnHxEWyfuzwfs0IrIb7KtP2w7oGU6Bs&sig=Cg0ArKJSzFAhVjntCdA4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ttj Show response
ib.3lift.com/ Frame D5BF 10 KB
4 KB 10ms
10ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=UD_300x250_ATF
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MjU2eDE0NA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNalUyZURFME5BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMjU2IiwiaCI6IjE0NCJ9LCJ3ciI6Mn0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: /
Resource Hash: 39e0bcfc32461ddf29132144172891496436a1c8eef9830f7795ca89c43b4462

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: "593c53594c830417a3952b11cb4e360f"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-encoding: gzip
content-length: 3558
x-amz-cf-id: Y2uf3eVCEMnaGGycpo6AnaoBZ-yq-3iJymKtaZ2_pqRltFhPO_nvMw==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5BF 119 KB
36 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MjU2eDE0NA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6STJPRFl3TXpNMk16RTZNalUyZURFME5BPT0iLCJ3ZCI6eyJvIjoyNjg2MDMzNjMxLCJ3IjoiMjU2IiwiaCI6IjE0NCJ9LCJ3ciI6Mn0=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame D5BF 37 B
183 B 8ms
7ms Image
image/gif 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=${AUCTION_PRICE}&ts=1640568388&aid=87716900272599027740&ec=3690_62334_9690033&n=GgDyArgBCAASFDg3NzE2OTAwMjcyNTk5MDI3NzQwGAAgASjqHDD%2B5gNAAUgAUABgCmgAcKOAA5ABAJgBAKgBALABgwK4AWTAAa4ByAGDAuABbvABAPgBgwKAAq4BiAJukQIAAAAAAADwP5kCH4XrUbge1T%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC4TiAA9ACiAOYApADAJgDAKADALgDsf0SwAMAyAMA0gMHOTY5MDAzM%2FgCDIgDAJIDBDM5OTU%3D
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame D5BF 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=87716900272599027740
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 33ms
12ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156796&purl=https%3A%2F%2Fwww.urbandictionary.com%2F&tst=1640568389&iid=c97aba38-21a2-40e7-b93e-bb41e3ee3ad7-finee&bidid=120b9954d7a5d9df&pid=877&pdvid=81&slot=Define_300x250_1&au=%2F1031683%2FUD_ROS_300x250_ATF_Flex&bc=triplelift&pn=triplelift&en=0.17&eg=0.17&kgpv=%2F1031683%2FUD_ROS_300x250_ATF_Flex%40336x280&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame D5BF 68 B
345 B 12ms
11ms Image
image/png 18.159.117.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzI2ODYwMzM2MzE6MHgw&v=5&s=e9563fca7f45a0b28d136c3c26f028c0dd179ff0&id=eyJkZnAiOnsiYWQiOjk5NjMzLCJjIjoxMzgzMDkxMDAyNzgsImwiOjUzNTIxOTE0NTksIm8iOjI2ODYwMzM2MzEsIkEiOiIvMTAzMTY4My9VRF9ST1NfMzAweDI1MF9BVEZfRmxleCIsInkiOjAsImNvIjowLCJzIjoiRGVmaW5lXzMwMHgyNTBfMSJ9fQ%3D%3D&sb=undefined&cb=4432234&h=www.urbandictionary.com
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F68
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZiZjhmNGIzOTFhNDJhZmM5MjNiODlhZWM2ZjRjODlkMTYyMjM0ZA&us_privacy=1---

170 B
188 B

67ms
66ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZiZjhmNGIzOTFhNDJhZmM5MjNiODlhZWM2ZjRjODlkMTYyMjM0ZA&us_privacy=1---

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZiZjhmNGIzOTFhNDJhZmM5MjNiODlhZWM2ZjRjODlkMTYyMjM0ZA&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F68
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPMDI2RDItMTUtM0FVWQ==&us_privacy=1---

170 B
188 B

66ms
66ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPMDI2RDItMTUtM0FVWQ==&us_privacy=1---

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPMDI2RDItMTUtM0FVWQ==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0F68
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YckWRQAA63nFtQBK
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YckWRQAA63nFtQBK&us_privacy=1---&_test=YckWRQAA63nFtQBK

0
239 B

8ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YckWRQAA63nFtQBK&us_privacy=1---&_test=YckWRQAA63nFtQBK
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640568390.649424,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YckWRQAA63nFtQBK&us_privacy=1---&_test=YckWRQAA63nFtQBK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0F68 70 B
264 B 32ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0F68
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d07061c9-1645-4a00-b232-e2ae32532fe8&expires=28

0
239 B

93ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d07061c9-1645-4a00-b232-e2ae32532fe8&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d07061c9-1645-4a00-b232-e2ae32532fe8&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 0F68 0
0 62ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0F68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBpCFpYDp6qXuwnnb8igAt0&google_cver=1

0
239 B

82ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBpCFpYDp6qXuwnnb8igAt0&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBpCFpYDp6qXuwnnb8igAt0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0F68
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/sOwAma3S4mQ372q2Ib0MbMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=817498629427485841

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=817498629427485841
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Mon, 27 Dec 2021 01:26:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=817498629427485841
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E7EA 13 KB
5 KB 112ms
55ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 27 Dec 2021 00:01:29 GMT
expires: Tue, 27 Dec 2022 00:01:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 694B 783 B
1 KB 163ms
49ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d73ef8e8aaf61183ad486f81ca65fb1c9e9bdbf764d4133b12ef317dfa04d51

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D/AfJMXkLpVQPONzuAXTcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Dec 2021 01:26:29 GMT
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-D/AfJMXkLpVQPONzuAXTcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 16E9 246 KB
79 KB 13ms
13ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=UD_300x250_BTF2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:14:46 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 17:10:39 GMT
server: AmazonS3
age: 1152704
etag: "63ce70b8f5a8fd74fd206c097492fb0f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 79992
x-amz-cf-id: iAoMmN_e1gEsUllnaqqBZ31lOkgNBJtg_xf1jnFGf7yVTgIz5J2QeQ==

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame BFB2 246 KB
79 KB 34ms
34ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=UD_desktop_leaderboard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:14:46 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 17:10:39 GMT
server: AmazonS3
age: 1152704
etag: "63ce70b8f5a8fd74fd206c097492fb0f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 79992
x-amz-cf-id: VOCV2CwXUViEoBVFtm3teZJ4tVPg-zhtzYSb6M2c7Bhf90lzsYWLcw==

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame D5BF 246 KB
79 KB 59ms
58ms Script
application/javascript 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=UD_300x250_ATF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:14:46 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 17:10:39 GMT
server: AmazonS3
age: 1152704
etag: "63ce70b8f5a8fd74fd206c097492fb0f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 79992
x-amz-cf-id: yLvLGwJ94OaItJJBjLSIuSqOHZ74gLteCMyvGtJXkwhJqEIw6dMlqw==

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E02B 33 KB
16 KB 135ms
33ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:19:39 GMT

GET
H2 200 cm Show response
gift-connect-d.openx.net/w/1.0/ Frame 1517 0
80 B 123ms
22ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1303
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

15ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 64CB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

0
44 B

93ms
92ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f4212248-ca7e-4409-b423-626125d52a2d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 64CB
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

0
44 B

93ms
92ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
date: Mon, 27 Dec 2021 01:26:29 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 64CB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

0
44 B

100ms
98ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 64CB 35 B
380 B 357ms
93ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=a0ae337b-1bd0-4e75-ada7-a2993da64737&secure=1
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 5ED1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

0
44 B

99ms
97ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1c1f1aa6-b2c8-44ed-8742-da9e76a71e41
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 5ED1
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

0
44 B

108ms
108ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
date: Mon, 27 Dec 2021 01:26:29 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 5ED1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

0
44 B

99ms
97ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 5ED1 35 B
380 B 388ms
99ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=a0ae337b-1bd0-4e75-ada7-a2993da64737&secure=1
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 cm Show response
gift-connect-d.openx.net/w/1.0/ Frame 5DB7 0
177 B 118ms
21ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C19C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 16E9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e286a59bebbbd432549e87c5cc38b2e900440cdc616d4b4286611e59bbdb9c61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 14D5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

0
44 B

95ms
94ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ecd7b532-90ed-42ac-bfb1-0adbb09641c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 14D5
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

0
44 B

93ms
93ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
date: Mon, 27 Dec 2021 01:26:29 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 14D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

0
44 B

93ms
92ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 14D5 35 B
380 B 346ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=a0ae337b-1bd0-4e75-ada7-a2993da64737&secure=1
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 cm Show response
gift-connect-d.openx.net/w/1.0/ Frame E8F2 0
80 B 76ms
22ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AC80
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

19ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 24E5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819

0
44 B

95ms
95ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c23b7e64-e69b-4308-a8e8-23b2e45830d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7851095513005621819
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 24E5
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0471dc94-66b4-11ec-a82d-0203314ef094
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094

0
44 B

93ms
92ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0471dc94-66b4-11ec-a82d-0203314ef094
date: Mon, 27 Dec 2021 01:26:29 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 24E5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204

0
44 B

92ms
92ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YckWRZwlS.tA.TVA2RnE-gAA%261204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 24E5 35 B
380 B 365ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=a0ae337b-1bd0-4e75-ada7-a2993da64737&secure=1
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 cm Show response
gift-connect-d.openx.net/w/1.0/ Frame 1851 0
80 B 72ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1043
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

18ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Mon, 27 Dec 2021 01:26:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame D5BF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a23b6379de12cc2615f3376d784dff35a611a05365ae6c901b7829a72439a6b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BFB2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ea3397749fc6b873d51573b1121abfd8ece9b6727ebacbea870605ce5ba5d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C341 6 KB
3 KB 88ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Dec 2021 01:26:29 GMT
expires: Tue, 27 Dec 2022 01:26:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
183 B 16ms
16ms Image
image/gif 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=${AUCTION_PRICE}&ts=1640568388&aid=107613134515662448340&ec=7354_130951_52094793&n=GgDyAroBCAASFTEwNzYxMzEzNDUxNTY2MjQ0ODM0MBgAIAEoujkwh%2F8HQAFIAFABYApoAHCNuyKQAQCYAQCoAQCwAbYFuAFkwAGJBMgBtgXgAW7wAQD4AbYFgAKJBIgCbpECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4ApA3gAOsAogD%2BgGQAwCYAwCgAwC4A6LeS8ADAMgDANIDCDUyMDk0Nzkz%2BAIMiAMAkgMEQUQyMA%3D%3D&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=UD_300x250_BTF2&aid=107613134515662448340&rev=c0c4269&ss=12&bc=0.694&pr=un&brid=564621&bmid=7354&biid=7056&bcud=694&sid=130951&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=88420
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 006D 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 16E9 3 KB
3 KB 8ms
7ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 07:26:46 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 496784
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: aSjhGAzelRAyYb5-Pyhfk2lkfOEsD0sSi7pSu5KtMyxbuUdRQFYIuw==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 16E9 3 KB
4 KB 8ms
7ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:04:16 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 87734
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: ABJDLR5DcLM4WaSDna6Ib2pZ8l_7FJmEUS38YTeTsRqwAXkG5A0g5Q==

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9BD1 943 B
1 KB 20ms
19ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52094793;rtbwp=0.694;rtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

1c89db4b2886d91bf58decbae0593a2a3f327c196f2fe2ce8df17363eb4b9c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 806
expires: -1

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=UD_300x250_BTF2&aid=107613134515662448340&rev=c0c4269&ss=12&bc=0.694&pr=un&brid=564621&bmid=7354&biid=7056&bcud=694&sid=130951&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=24912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D3C0 1 KB
1 KB 8ms
8ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=55043
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 15de584bc2971ae67049d2a9997f7aa7069243edaf645475a7682640968d0f94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 397
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

OPTIONS id
api.britepool.com/v1/britepool/ Frame 0
0

POST id
api.britepool.com/v1/britepool/ 0
0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
334 B 60ms
20ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1327

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK 36744 Show response
idx.liadm.com/idex/prebid/ 68 B
556 B 417ms
102ms XHR
application/json 52.86.156.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/36744?duid=7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-156-15.compute-1.amazonaws.com

Software

Resource Hash

fb38d35231518cb883bcaf98214930b304470aba76a545666bdf8bb533c0f65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urbandictionary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 71590b0942517144
Content-Length: 68

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
343 B 49ms
40ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3aaf3ac542301cf81ff6104045bdcd1433b927145c8950012feed8efca1c9c54

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache
x-server: 10.45.12.206
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
653 B 31ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: cab36f9b41731db38b485e3734fc715b3ee3c4ba8dbbea49c0268257305516f0

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Wed, 26 Jan 2022 01:26:29 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 9ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=UD_desktop_leaderboard&aid=108506165963685801330&rev=c0c4269&ss=12&bc=0.259&pr=un&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=39120
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame BFB2 3 KB
3 KB 8ms
8ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 07:26:46 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 496784
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: pnwqI3X9w65MWOKLXGtTeuKHRF4Kabk0GSWU-mIQ8rMAw4xtAgaKyA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame BFB2 3 KB
4 KB 9ms
9ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:04:16 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 87734
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: HGNw7MGp-ZXQhFe_Exj4IM9n7cbk15cz4wQ6fq7YFxq01x8p3Z0mEA==

GET
DATA 200
OK truncated Show response
/ Frame E1DF 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1921 2 KB
1 KB 77ms
38ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjQ2MzMxNzczMzUwMTQ4OTIvOTY5MDAzNS85OTU1OTkzLzYyL2JRcmVaV2xuS2YwaTV3dUhxeU40VE1FeU9GZTVUV1RiVkhyV05FalViNFkvMS82Mi8wLzAvMTczNDk0NS8zMTE3NzgzOTc0LzIxNTU0My8xMDQwODc5LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYyNDYzMzE3NzMzNTAxNDg5Mi96cmgvMC8xMDAxMC80NC85OTkvMjU4LzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY0MDU2ODM4OC8xNjQwNTgwOTg4LzYyLzMwMzAv/004Hrfog4dH1MhjVeIvIXUvZM60&nodeid=2801&group=zrh&auctionid=1624633177335014892&shardkey=1624633177335014892&sid=9955993&cid=9690035&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.133.161
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: a5d90042ab77d822ee4e9377a6c76afc335ad9d30d8c952f848d1f87b1e07124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1640568388
Last-Modified: Mon, 27 Dec 2021 01:26:28 GMT
Server: MMBD/3.210.4
x-mm-latency: 24 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x49, zrh-bidder-x156
Connection: close
Expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=UD_desktop_leaderboard&aid=108506165963685801330&rev=c0c4269&ss=12&bc=0.259&pr=un&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=49304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 44E1 1 KB
1 KB 14ms
14ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=60499
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: d52d1c737ccf46ce4597f44d77440b396122e0ac4eb0868bfe63dd97cd5fea55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 454
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 9ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=UD_300x250_ATF&aid=87716900272599027740&rev=c0c4269&ss=12&bc=0.259&pr=un&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=28175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame D5BF 3 KB
3 KB 8ms
7ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 07:26:46 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 496784
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: KD2w_fChnmSp4edTVdMTpRWN29nJ4lI4twXcDm4OYBMPyEHMRUkQUA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame D5BF 3 KB
4 KB 8ms
8ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:04:16 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 87734
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: gM2I7ZR7fyAwrpxWn8K-Zl0r_CyrY4FCBhGeNnJHN7N0D5sHUSxIAg==

GET
DATA 200
OK truncated Show response
/ Frame 15E8 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F67A 2 KB
1 KB 56ms
28ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3MTcxMTY3MjcyODE2NzkzNS85NjkwMDMzLzk5NTU5OTMvNjIvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTFBBcUlOZzZvdXR0MzZReHBjcEVENC8xLzYyLzAvMC8xNzM0OTQ1LzMxMTc3ODM5NzQvMjE1NTQzLzEwNDA4NzkvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NzE3MTE2NzI3MjgxNjc5MzUvenJoLzAvMTAwMTAvNDQvOTk5LzI1OC8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDA1NjgzODgvMTY0MDU4MDk4OC82Mi8zMDMwLw/PHvuCZ7DJktQDzS9Y2ZVB2UIeJM&nodeid=2801&group=zrh&auctionid=471711672728167935&shardkey=471711672728167935&sid=9955993&cid=9690033&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.136
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: cc97afe5e5a8af01acdf4b1fcb68f86cdc7c6296a7cf15f9f5ddf1539a0c42a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1640568388
Last-Modified: Mon, 27 Dec 2021 01:26:28 GMT
Server: MMBD/3.210.4
x-mm-latency: 13 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x39, zrh-bidder-x156
Connection: close
Expires: Mon, 27 Dec 2021 01:26:28 GMT

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 9ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=UD_desktop_leaderboard&aid=108506165963685801330&rev=c0c4269&ss=12&bc=0.259&pr=%24%7BAUCTION_PRICE%7D&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&cepos=0&ceid=0&cb=98808
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 9ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=UD_300x250_ATF&aid=87716900272599027740&rev=c0c4269&ss=12&bc=0.259&pr=un&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&domain=www.urbandictionary.com&ref=https%253A%252F%252Fwww.urbandictionary.com%252F&rr=creative&fid=10&rb=0&g=0&cb=44689
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2708 1 KB
2 KB 10ms
9ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=59735
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c4e1ef5b8a05b1734d1ecf6c8ff1d45746381423aa24ab4220ce6793ce1aa7e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

date: Mon, 27 Dec 2021 01:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 595
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E02B 5 KB
3 KB 21ms
21ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43157361;rtbwp=YckWRAAAAABDVqoou9VTssznLIqxVh2BBb1zNw;rtbdata=mxYYoVJbhlVd6qv1GaTkk5zZdBcq-OOGEBjkTRK5ePgtKxSXjrg5inVQfQhSZ-tghzFaYIvj4TX9bzpk80h_mFPTq29bgYoQWZ6OcSZRT9mZPhbG2DVR2ExxrfP1JdsnOQdMZMoNmgeORFenOLXVyIYcD1xJ3XZ9gtcW73zADlIVAsxVvZrpaCCHi5trHHMYXFyYKhJRvxquzbUM9_cJogY_XY_D3lCi0;js=1;adfxid=1x;8465;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.urbandictionary.com%2F

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=dpDNFqkb5Lc3xut9hGBf3bUycI8&tpid=ZHBETkZxa2I1TGMzeHV0OWhHQmYzYlV5Y0k4LzIzNTA1NDUwMjM6MXgx&v=v2lgcycid&d=eyJ3aCI6IlpIQkVUa1p4YTJJMVRHTXplSFYwT1doSFFtWXpZbFY1WTBrNEx6SXpOVEExTkRVd01qTTZNWGd4Iiwid2QiOnsibyI6MjM1MDU0NTAyMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

f598dbe7a4ca3b66ffca0381976398ed82df1cd93476951fcf31286781ab6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2318
expires: -1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 123ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=2967380673806602&vrg=2021120601&nw_id=1031683&nslots=5&eid=31060439%2C31061814%2C31063898%2C676982961&pub_url=https%3A%2F%2Fwww.urbandictionary.com%2F&qid=CKKgvcDpgvUCFYCBgwcd3xUCBA&iu=%2F1031683%2FUD_ROS_728x90_ATF_Flex&e=0&ret=970x90&req=728x90%7C970x90&bm=0&efh=1&stk=0&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9BD1 33 KB
16 KB 24ms
22ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52094793;rtbwp=0.694;rtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:19:39 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C19C 32 KB
10 KB 12ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1303 32 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AC80 32 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1043 32 KB
10 KB 9ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=UD_300x250_ATF&aid=87716900272599027740&rev=c0c4269&ss=12&bc=0.259&pr=%24%7BAUCTION_PRICE%7D&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&cepos=0&ceid=0&cb=90429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame D3C0
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=7962868175624140480&dongle=d407

37 B
352 B

11ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=7962868175624140480&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=7962868175624140480&dongle=d407
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame D3C0 0
0 13ms
13ms Image
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=9634054160953369579
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame D3C0 0
0 15ms
14ms Image
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=9634054160953369579
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame D3C0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=d07061c9-1645-4a00-b232-e2ae32532fe8&dongle=3995&gdpr=1&gdpr_consent=

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=d07061c9-1645-4a00-b232-e2ae32532fe8&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=d07061c9-1645-4a00-b232-e2ae32532fe8&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D3C0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3657&xuid=YckWRQAA749dnQAF&dongle=3c0a&gdpr=1&gdpr_consent=

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3657&xuid=YckWRQAA749dnQAF&dongle=3c0a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640568390.080566,VS0,VE89
x-served-by: cache-hhn4077-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://eb2.3lift.com/xuid?mid=3657&xuid=YckWRQAA749dnQAF&dongle=3c0a&gdpr=1&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame D3C0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

11ms
11ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=55043
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: edf6666f-1efd-4419-b8f9-760ba167766d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 1c1wx3ge11rm Show response
hal9000.redintelligence.net/zone/ Frame 1921 10 KB
3 KB 61ms
17ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/1c1wx3ge11rm?subid=&gdpr=0&gdpr_consent=&rnd=1624633177335014892&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 59a9fd5d93c0b214c527cbc7d807c444f3cde5f6ffe12e5dd7d9ccda75c9fd3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2849
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1921 43 B
404 B 73ms
26ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=1624633177335014892&v3=1040879&v4=9955993&v5=9690035&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjQ2MzMxNzczMzUwMTQ4OTIvOTY5MDAzNS85OTU1OTkzLzYyL2JRcmVaV2xuS2YwaTV3dUhxeU40VE1FeU9GZTVUV1RiVkhyV05FalViNFkvMS82Mi8wLzAvMTczNDk0NS8zMTE3NzgzOTc0LzIxNTU0My8xMDQwODc5LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYyNDYzMzE3NzMzNTAxNDg5Mi96cmgvMC8xMDAxMC80NC85OTkvMjU4LzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY0MDU2ODM4OC8xNjQwNTgwOTg4LzYyLzMwMzAv/004Hrfog4dH1MhjVeIvIXUvZM60&nodeid=2801&group=zrh&auctionid=1624633177335014892&shardkey=1624633177335014892&sid=9955993&cid=9690035&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.133.161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1921 49 B
330 B 56ms
25ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=1624633177335014892&st=9955993&time=1640568389&nodeid=2801
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjQ2MzMxNzczMzUwMTQ4OTIvOTY5MDAzNS85OTU1OTkzLzYyL2JRcmVaV2xuS2YwaTV3dUhxeU40VE1FeU9GZTVUV1RiVkhyV05FalViNFkvMS82Mi8wLzAvMTczNDk0NS8zMTE3NzgzOTc0LzIxNTU0My8xMDQwODc5LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYyNDYzMzE3NzMzNTAxNDg5Mi96cmgvMC8xMDAxMC80NC85OTkvMjU4LzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY0MDU2ODM4OC8xNjQwNTgwOTg4LzYyLzMwMzAv/004Hrfog4dH1MhjVeIvIXUvZM60&nodeid=2801&group=zrh&auctionid=1624633177335014892&shardkey=1624633177335014892&sid=9955993&cid=9690035&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.133.161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x86, zrh-bidder-x156
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame 1921 1 KB
1021 B 18ms
16ms Script
text/javascript 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjQ2MzMxNzczMzUwMTQ4OTIvOTY5MDAzNS85OTU1OTkzLzYyL2JRcmVaV2xuS2YwaTV3dUhxeU40VE1FeU9GZTVUV1RiVkhyV05FalViNFkvMS82Mi8wLzAvMTczNDk0NS8zMTE3NzgzOTc0LzIxNTU0My8xMDQwODc5LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYyNDYzMzE3NzMzNTAxNDg5Mi96cmgvMC8xMDAxMC80NC85OTkvMjU4LzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY0MDU2ODM4OC8xNjQwNTgwOTg4LzYyLzMwMzAv/004Hrfog4dH1MhjVeIvIXUvZM60&nodeid=2801&group=zrh&auctionid=1624633177335014892&shardkey=1624633177335014892&sid=9955993&cid=9690035&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.133.161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0 /
Resource Hash: bab2c4f074cec2704d21d736d3bbb3837e39bc38cfc2db07ec7966c68f1b88b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
DATA 200
OK truncated
/ Frame E02B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d96b28f40ec76b63ec65ef0e1a28bd714c82391efc4c968ea0d6561f8ac20c66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E02B 0
0 125ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWiea98AFKDzLEhG_Z2D3GBCOPWNq6Som9IX7BN4YPCUSOQ_QIamiP6DFpk95JLEOMxf52je5k8LmsBMuUR5w62DJmPvGBDOX-50dqDZb5nr8KCTH30KRCxYqTrIZgpT686wMeP2AuNg7Nk8JmThvdej_U1hZY-SUcGiRlJiS1kr9WJJCKMWa58WCZ5ILzWX-9cHU0UbEuGXDHZioTeKr84qXTxDYATBb9_c2TaurK9JjYMc8fISLqOEJYpv2FXEWCRMaXDfj3vUmo7_KnP0wv2PXDcvC7zShpCrwoJYoFXTAarv2wENpMLATlCBVKuJ9UtwqRHqr_ThxnDQ&sai=AMfl-YQYTLyf1Z1eQ8T0fcjzJd7ZYiaebO6_jgAIja8GaueQK-RzCNOiAOsHMON0DrqZGqaGF1UZyNz1ifWhgxNOFXVlN9Wf8PYC5_8bo4QpeBQmHKyLHEsTJ5mor-Ll0oix&sig=Cg0ArKJSzHoviOdM464HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 27 Dec 2021 01:26:30 GMT

GET
H/1.1 200
OK s013g5sbr739 Show response
hal9000.redintelligence.net/zone/ Frame F67A 10 KB
3 KB 47ms
17ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/s013g5sbr739?subid=&gdpr=0&gdpr_consent=&rnd=471711672728167935&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 856fb62eb0cec024187dafc2edcd7097c9c74633f4de9444660c6b0e19119b98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2851
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F67A 43 B
404 B 47ms
27ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=471711672728167935&v3=1040879&v4=9955993&v5=9690033&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3MTcxMTY3MjcyODE2NzkzNS85NjkwMDMzLzk5NTU5OTMvNjIvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTFBBcUlOZzZvdXR0MzZReHBjcEVENC8xLzYyLzAvMC8xNzM0OTQ1LzMxMTc3ODM5NzQvMjE1NTQzLzEwNDA4NzkvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NzE3MTE2NzI3MjgxNjc5MzUvenJoLzAvMTAwMTAvNDQvOTk5LzI1OC8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDA1NjgzODgvMTY0MDU4MDk4OC82Mi8zMDMwLw/PHvuCZ7DJktQDzS9Y2ZVB2UIeJM&nodeid=2801&group=zrh&auctionid=471711672728167935&shardkey=471711672728167935&sid=9955993&cid=9690033&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F67A 49 B
330 B 64ms
35ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=471711672728167935&st=9955993&time=1640568389&nodeid=2801
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3MTcxMTY3MjcyODE2NzkzNS85NjkwMDMzLzk5NTU5OTMvNjIvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTFBBcUlOZzZvdXR0MzZReHBjcEVENC8xLzYyLzAvMC8xNzM0OTQ1LzMxMTc3ODM5NzQvMjE1NTQzLzEwNDA4NzkvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NzE3MTE2NzI3MjgxNjc5MzUvenJoLzAvMTAwMTAvNDQvOTk5LzI1OC8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDA1NjgzODgvMTY0MDU4MDk4OC82Mi8zMDMwLw/PHvuCZ7DJktQDzS9Y2ZVB2UIeJM&nodeid=2801&group=zrh&auctionid=471711672728167935&shardkey=471711672728167935&sid=9955993&cid=9690033&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x87, zrh-bidder-x156
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame F67A 1 KB
1021 B 18ms
17ms Script
text/javascript 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRsa05HUTRNRGt0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3MTcxMTY3MjcyODE2NzkzNS85NjkwMDMzLzk5NTU5OTMvNjIvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTFBBcUlOZzZvdXR0MzZReHBjcEVENC8xLzYyLzAvMC8xNzM0OTQ1LzMxMTc3ODM5NzQvMjE1NTQzLzEwNDA4NzkvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NzE3MTE2NzI3MjgxNjc5MzUvenJoLzAvMTAwMTAvNDQvOTk5LzI1OC8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDA1NjgzODgvMTY0MDU4MDk4OC82Mi8zMDMwLw/PHvuCZ7DJktQDzS9Y2ZVB2UIeJM&nodeid=2801&group=zrh&auctionid=471711672728167935&shardkey=471711672728167935&sid=9955993&cid=9690033&price=0.259&bp=a_cfjjig&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0 /
Resource Hash: bab2c4f074cec2704d21d736d3bbb3837e39bc38cfc2db07ec7966c68f1b88b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F4A0 624 B
733 B 136ms
49ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNXqUVt1RY39mE5Nj1HQAo7OMWJepP0hx5i90DbqM8B_FRvN5V70ONzJNtnnGZKhMs-RluAdm1YU7KiZbGRb3oFRADVOPSDRsqz5G_doLgtSA_msVDK970VwrwRyFnxfj8OHzeZs0-6qpl5KAAnn5S9ShNe8QzCB9SL3mL7E8mZFF-xpDmA

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Dec 2021 01:26:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C341 24 KB
14 KB 154ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BX9jRIWJSVtUakgVuaPbvZFeyD_iiPnxrL09Q5UqEboB_k6GFRTyFoqeiklZ8qpgpSR6QWNoD-NQjC5fWpcwQf1pfXEC8t8L4WxkdVW7hsD5fifEXrle-kiIVFF-_FO5eOs2FPr6h9b1TtrTdoOUHHwYPAQw&cry=1&dbm_d=AKAmf-Byj7jCgYXDUZLEIThXt5PdqpE9CMRFwN0x1dgheORVGMnkhD0BixYhpkWY0DDwz5J9258g8GHAg5I46aiKe5yZjfrqBUPZRSzsmF6WHje6a0VyHjFvzbalJohQdShEwejEJb7amNe6LKUZCZLW4pCCgg_2BRIgdWrzPwIQqtHVGtkf0qWP0TcfpD9D5HN793q36GrfhtDvC8EEf0uVVUpZZGRyk7YHkEuhXJBEB-hx7v4mP2VfyhKc1hGxEqv4KkCTdbjL74S1UV_LwzORv19-zWZMQUp12JiuwW-lop4RdNNgQAqJCbHYvjRnbmGX1edGhXsUApUw3A8Wdm9eZCc_Us5epDS_p0YWMltdKkn3AQu0E7uiitFahC80KXnnL_WRElkpow-wFezGKhXzIiG_5e5ErdbLKo60_QLNUIeweRJ-TtjadOztWbfI0ADoA-X5BECZBshVANDO1Y5pxxB0dB6Pz4_8kg2yiqDtMc5y-2Se3Mu5yZhR6EDtt1EU2wqO7BQjCIf18jejb6gAZpGUhyIP61tUCxGZDgkeXqju5P7JHa18uFalE4wGWmrCGaptruuaQJR0Elip11OGu1taSgy3m9BwUhWzSZtWDgzI3tGtOMKCtnDsjMuXy4QvB4Cs5GrV0GCNCQsz9oIQZAld0JcO4L8P6wT3iR20PofqMCbe2_CrRvY9uAnyFrWB4xY8OLjtfGBLGz_nNZvW7jE-cCfxiPM2hNMQ61Gaz9tOXZLTYk47D8ys6INOEFXmslLl89zeALwTf9tGR3puJAb8_vhrW_h62WeVoLWXYaMhdP7PhN1n200I9ikro5xnE4-kk5BRhq6qiW2SbhmpF1DYYfysQz4OBpw7KQ4TqOeMyN_iJIjXR-_nuQO0f58o8crJPVe2nwp-04jmBQScRLZrurVFa7kSCgeuBpDtKxnRqDa3SQOYfFfhCpFfmSdB3Tr8FeFpOJEW8NuIhfZlAid0sPHj1U8XqOhiK4Ivz_KA_er8rsX1p5iuN9UpBNclczKfx6b4lETxh_H8RV_E4S9xGQOrN7KaZi4u0_0YU7uUIxXDqlPpekdru2s5siGHSDzjEdPej1xH7fOCnqExBYj9x4sUpmzwSboELo1x7RTaLyxWt_QE2n7uxteGm1Me8i4spmwoCgXtTQvCoEvq8GeHxBB4-uNhWyvAqeOeXVvtp75l1QpT5MBLkADtPQyFYGrWml8fFTGRSaYUcsBz--0Z_z1k5LUXlDJRulBWRUwtfNiCKwpezbOmaJCnA2rLSmhT_M3gZK6G1rKiJQm9adZNYPuRMV2oSvMMXzOkuXoAcC98PzEI0aeaSXRI6iSDv9RcZfa9p4laLxZCug3MVkuKvekq5zoNVqAcU7kX3orFYC5j2t5aw_xH7TeH97EVdCfMZe0aw8bIZId9ZZcbvVMz8ijgZoZmTsKmCuysQBukZjMLBRqGOqhYCzqXuZ4W9Bq_HbMiOhyYKfc0HO96KRkZldSvXNNSlui1x1YIfNtmBLp9eZ2w86LdwW1LOaBP7YFOoBzIeCfSeeTH0KcBo_aK4pRyWgoSpF2e21xA2y2DsEtyk3xuQ0IwRVl3NbsBvnIkyTFdZVAVteaqboJUrHLvbyAyaUTVJMkpeCYXGHz9B537_ngO0lcu6WcFXGWKzjMxUPGvi-joBX3KWORjeqA3Yybn6VuwKqp-eESYI2oYke8cWuWIyFYoTymTjCV5BSAQEZHKQ6Sd07QOVjgYzr0QliF4PKftK5jNREYqjAyqAMmYlHOPxgwvHupnQYD0oNWDOIz5l-r5plp7iMo_TyOiB4txUis9SVJ7M3K7eiRU9gMkvnLzb6f0g--jW-iRAFnw5LVIgxa0jD1LA5pnyM9Q0loipidDuQBm8okhPpu43aM_Kc3vP3_VsMUQlzPfdiGGMjA-8IzthbqbEQYUxz-cxckrOSi_-S0M2OxcU2cqRXVfIsQ6Qk3on5_kRZjnCj11l2YAXTMjxEK0PglQUcW6WVnbTvu_pRTqiewTk9spWn4-PNoyyGiY8qfbZaxe8MXVVFDyLlOz7GFnTretLYDgoJ_zVsuprUlbm0vVI9J4s0NQq5bxZt1aZQK8RR5X1ZK5BDxsmUBZmU00Fsw1UtmBup8ADr0s55mDFEZ-ebM8S8SckYdg2GHH1LRJhj_hT-VWCBmpkAhyf_oMCDdMXnCryhzVqhw_kLQSZa3F6wVa7orQYqeyNK7GGoivmEDhuOOw2wTh9TaENW35zvCeNDfqDqCcrwaKT1CIDaWYEs9SYcza9lTxoxtdC4xlO3CoVLQGYWupqSdFd2Och0I5XzeEKimuUfSbXOVsWIdeA7grckRQysOW_OmzD6_s9NOnjcCdQ9ywq80ERfqWyCXAOBqFjsR2rNvmsUERVW6DVLY5qDzNOCUMtUOpW9WV7kOKmvwNcVe3DtFrGE8XSfQiDBy1Z68Rb4StW1lREgU8LA3vqQF61J2mlbXbptSsQ63Om1-U_w0EvuWh25vFAlnHKVXDE14H_-poszYJDc0EDJel6Vehb4mUP2_VG6prDayKITtM-h9aVrM4wW_iUmmUWFkknj9KDGxgwnbuaDcUlvb-0hYt1Q-uHoYy0MAkHBCiw__wkNqMpl0Xl6am2p_XrKhrHzFkxMLRgYOWKZWTMUmaHpnrGtz4zAeNqXTmdZUS_0X7nYtcBi9bp8WFTj_iVLR09XAVNyO_9FVOjJAb_mi4wdQO25JvzhhsTlHWeqOBHtMYlfbSTLz3R6mqwa9PLQp2Au10MZKchK_eWmH5iIsxRYWYCiVX2nJCHRrJSEfxYvtXjR3-mFW8rtE4xGl2mBe7yiva50sWlWORVjirsPuvXmtiuEuPLv3kSMjVitJ4avAvyOMN8xbE6Zaqx-iHieJ1BxUmfrLunBi6tkiVjGQwY6UUHKif810looMPieugDMc5yJcbqSZxq1TYNE4m4audpXG2cU63twPnVecJG05ga71YH-ypomHo5OqilnsktCA_nOfSHjSjKmIE5T_p6iL0-jmg58PEop0iAf8RORMiatWHkC80eAgPKsvKLD0BHUJwJGfYp5VVU9aMw8LUd7F15VSh6iH_0XZBB8shRU2cxzleF4j8MFQfACjQOqVZlqusPF-Bm_ees05Wjq6WJM7yZV6hg4ELqpYNwzx6pwkOTjeiIVUys-6mpCU2TmK6r6BznOo6tPmTSrQmdNW8XlwJreVpL1XSImdzE7udDqxoZHcq1EE&cid=CAASEuRolIWys_dDHTE1ZmVMr0mpCA&rfl=1%2Chttps%253A%252F%252Fwww.urbandictionary.com%252F%240

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8f1fcb43e1d166a76248462ef363e20e96044c8e4b565553a84e873724b7b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C341 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Da4MN4OelzkNkXePSnWkxWBcPUOT1vJTVCcYaA258Lr77_VJOsnrHVN_ZJc3GGC82XT5TmtnatVin6F-HJlKyDnzGZT85i06rq75nrFaQx2u-NNN0

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C341 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 00:58:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C341 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 01:03:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C341 119 KB
36 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 01:26:30 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

15ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c386d192-614a-4671-9037-266215c9d48c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=7851095513005621819&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ebda
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTYzNDA1NDE2MDk1MzM2OTU3OQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=

37 B
139 B

8ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AAJ9cE7Dki0AAEGbwiCDSw&dongle=bzwx

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AAJ9cE7Dki0AAEGbwiCDSw&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AAJ9cE7Dki0AAEGbwiCDSw&dongle=bzwx
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame 44E1 0
104 B 127ms
25ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 44E1 43 B
220 B 10ms
9ms Image
image/gif 18.197.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=9634054160953369579&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.42.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:29 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET triplelift
sync.hgrtb.com/ Frame 44E1 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4945&xuid=4046931d-97d2-47b7-83b5-8b82791855f9&dongle=31ac

37 B
352 B

10ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4945&xuid=4046931d-97d2-47b7-83b5-8b82791855f9&dongle=31ac
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=4945&xuid=4046931d-97d2-47b7-83b5-8b82791855f9&dongle=31ac
Date: Mon, 27 Dec 2021 01:26:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 44E1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2319&xuid=0-d202834d-822c-4223-75f8-feb98a0023fe$ip$185.213.155.166&dongle=4430

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2319&xuid=0-d202834d-822c-4223-75f8-feb98a0023fe$ip$185.213.155.166&dongle=4430
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=60499
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2319&xuid=0-d202834d-822c-4223-75f8-feb98a0023fe$ip$185.213.155.166&dongle=4430
Date: Mon, 27 Dec 2021 01:26:30 GMT
Connection: keep-alive
Content-Length: 141
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 2708
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3702&xuid=04edea56-66b4-11ec-b373-216702a4ec2c&dongle=d54f&gdpr=1&gdpr_consent=

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3702&xuid=04edea56-66b4-11ec-b373-216702a4ec2c&dongle=d54f&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=3702&xuid=04edea56-66b4-11ec-b373-216702a4ec2c&dongle=d54f&gdpr=1&gdpr_consent=
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 04edea57-66b4-11ec-b373-216702a4ec2c

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2708 35 B
380 B 101ms
101ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame 2708
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=F0773C369512422CA412DB672A018B81&dongle=yf3

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=F0773C369512422CA412DB672A018B81&dongle=yf3
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: nginx
location: https://eb2.3lift.com/xuid?mid=7969&xuid=F0773C369512422CA412DB672A018B81&dongle=yf3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 26 Dec 2021 01:26:30 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2708
Redirect Chain

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=4z0b0-Q6TNn4NBrf5DtVjLNtQNn4PEzf4jSzfPUc

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=4z0b0-Q6TNn4NBrf5DtVjLNtQNn4PEzf4jSzfPUc
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=4z0b0-Q6TNn4NBrf5DtVjLNtQNn4PEzf4jSzfPUc
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2708
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6019&xuid=oF0iMr0b1N1EMu5&dongle=465e&gdpr=1&gdpr_consent=

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6019&xuid=oF0iMr0b1N1EMu5&dongle=465e&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eb2.3lift.com/xuid?mid=6019&xuid=oF0iMr0b1N1EMu5&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 2708
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9634054160953369579
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t

0
0

31ms
31ms

Image
text/html

52.95.119.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: HTTP/1.1
Server: 52.95.119.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JJRXASWWBZXTEEEB45FW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9634054160953369579&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 2708 0
88 B 392ms
95ms Image
text/plain 54.172.254.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-254-117.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

value=9634054160953369579
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 2708
Redirect Chain

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=9634054160953369579
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=9634054160953369579

43 B
520 B

284ms
284ms

Image
image/gif

13.55.197.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=9634054160953369579
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 13.55.197.144 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-197-144.ap-southeast-2.compute.amazonaws.com
Software: Match/6746.951ce71a0a35ad7e2d494abcb2967a645bc00ccb (i-02247cdb681267c68) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:31 GMT
server: Match/6746.951ce71a0a35ad7e2d494abcb2967a645bc00ccb (i-02247cdb681267c68)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: Match/6746.951ce71a0a35ad7e2d494abcb2967a645bc00ccb (i-00921a310b4c21ba5)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=9634054160953369579
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 2708 0
330 B 22ms
20ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame 2708
Redirect Chain

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1
https://eb2.3lift.com/xuid?mid=6547&xuid=kbsWX51QyvTzy9vu2Kyx&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6547&xuid=kbsWX51QyvTzy9vu2Kyx&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59735
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=6547&xuid=kbsWX51QyvTzy9vu2Kyx&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT, Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame E02B 86 KB
37 KB 28ms
28ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:26:57 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9BD1 6 KB
3 KB 21ms
20ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52094793;rtbwp=0.694;rtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1;js=1;adfxid=2x;7520;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.urbandictionary.com%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

d8625de52840994c5e58be87bf9c157829c5689dc054ec6a2402e89d7b7a39f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2536
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 694B 0
0 83ms
83ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2967380673806602&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1303 0
239 B 432ms
105ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&us_privacy=1---&khaos=KXO026D2-15-3AUY
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1032790.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 1c34e56f66d325760e494cbb7a93f50f
Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 1921
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

609 B
936 B

83ms
60ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=3330225055849&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: fedb03c2e9347c6968d1a7e54d6dbdefbf2adbdc6bcc3d7b37522a370cdac968

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 15062700016109403891606011821021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Mon, 27 Dec 2021 01:26:30 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=3330225055849&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:30 +0100

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame E7EA 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 22:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 22:19:37 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame F67A
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
938 B

378ms
355ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=6905593376757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: b41186bb7937c339619e3598cdda08866874dc40627689f7526954effce24f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25895100015161403891620011821027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 332
Expires: Mon, 27 Dec 2021 01:26:30 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=6905593376757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 27 Dec 2021 01:26:30 +0100

GET
H2 200 aut.js Show response
imagesrv.adition.com/js/ Frame 9BD1 9 KB
4 KB 39ms
10ms Script
application/javascript 217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/aut.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3efa652802615e33622d9ee6eee31f63db17602f1ef0f8a533ce0c58b3fb8114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 11:59:21 GMT
etag: "2308545366-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3487

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 9BD1 32 KB
8 KB 47ms
18ms Script
application/javascript 217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 9BD1 2 KB
1 KB 42ms
11ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=52094793;crtbwp=0.694;crtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1;adfibeg=0;cdata=k8RZDKIHzMOAzCcEJCVnPlPTq29bgYoQWZ6OcSZRT9kHIiXhqat0hDI-K8aJdCSIPV_QgTQskEIQV3Iizs7Oo2gk91XkE_TLrhasITyi8afMhAiEZ2xUQmGiVNrjNtDZnbng0rjgFhgRdhfRhLPxfzwZfX2relgQO46IurjIINI1;;CREFURL=https%3a%2f%2fwww.urbandictionary.com%2f;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: aaa760d81f2d3f708d8b28f8e26254a137133de6c51a8439242f2403e4e3fd3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 02:26:30 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9BD1 35 B
475 B 20ms
19ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52094793&csi=lZwm5rwghFjsdA6p3O1kEiBObpg1aFQmzuExcUM4YeIJDwKV3Zer3CHs6_G4l2s8IyA4jdwEJWgePLMow_pV3GQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame E02B 35 B
475 B 20ms
20ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43157361&csi=G8RZuHXtK2DJj9IZ9sSsbOVda4PY_doOhwHH51jfHAoJDwKV3Zer3CHs6_G4l2s8ztExemRHhtGFWeC4J9LKlmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 42934056.png
s1.adform.net/Banners/42934056/ Frame E02B 98 KB
98 KB 21ms
21ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/42934056/42934056.png?bv=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2faab8affbe7463d637cec1087e0ce8d721338678132fc82f3cfe7d9cc31062a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Fri, 08 Jan 2021 09:15:35 GMT
server: nginx
etag: "5ff822b7-1879b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 100251

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A6A0 0
735 B 40ms
39ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 60b7637e-4f37-4bfb-8a6d-da2581b15081
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BC4E 0
735 B 14ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c7de3127-b004-4eb6-97cf-e02ccd0ce052
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 9BD1 34 KB
15 KB 21ms
19ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:21:52 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 43E6 0
735 B 14ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 17077c0c-f1c3-47a6-a942-8ba22d171a34
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 312A 0
735 B 14ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c58cf324-bb31-4f21-b1cd-1c4701d6ee0f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 9BD1 3 KB
2 KB 14ms
14ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//www.urbandictionary.com/&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&os=17&browser=11&userid=7046187581903144168&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52094793%3Bcrtbwp%3D0.694%3Bcrtbdata%3De%2D4gecWcpwZeEPrn%5FKTIxrG%5F5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI%5FK%2DVNBXbqaWS4fSlfClTA81HMfi5fQe8Hd%2D3RmcmBPgNF2B%2DuwhqLb0%5FkbcrbiWeWGdweq2%2DAYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT%2Drd04K9HepMWUDT0uZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3Dk8RZDKIHzMOAzCcEJCVnPlPTq29bgYoQWZ6OcSZRT9kHIiXhqat0hDI%2DK8aJdCSIPV%5FQgTQskEIQV3Iizs7Oo2gk91XkE%5FTLrhasITyi8afMhAiEZ2xUQmGiVNrjNtDZnbng0rjgFhgRdhfRhLPxfzwZfX2relgQO46IurjIINI1%3B%3BCREFURL%3Dhttps%3A%2F%2Fwww.urbandictionary.com%2F%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=52094793;crtbwp=0.694;crtbdata=e-4gecWcpwZeEPrn_KTIxrG_5RRah7r5QiS3GKqXqmOC37wfCqGTQAVnUETmH6vVs33byewNVQxLETnJI_K-VNBXbqaWS4fSlfClTA81HMfi5fQe8Hd-3RmcmBPgNF2B-uwhqLb0_kbcrbiWeWGdweq2-AYdKcXDzAC0EYCAYcDFdOM0WuYcCDxdwmKqJ21BkT2YWOlhVtw4tePuzGrQNO52e1q5vkZJhS5EBIRnDWewtRT-rd04K9HepMWUDT0uZPSVCRcBPzE1;adfibeg=0;cdata=k8RZDKIHzMOAzCcEJCVnPlPTq29bgYoQWZ6OcSZRT9kHIiXhqat0hDI-K8aJdCSIPV_QgTQskEIQV3Iizs7Oo2gk91XkE_TLrhasITyi8afMhAiEZ2xUQmGiVNrjNtDZnbng0rjgFhgRdhfRhLPxfzwZfX2relgQO46IurjIINI1;;CREFURL=https%3a%2f%2fwww.urbandictionary.com%2f;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5fb81d5d6ba2272f4f3dcc86348a859920be63199f98f082a073144cdbfdf725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 02:26:30 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 75BA 0
735 B 13ms
13ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dea8abf0-3fe1-4628-b35b-ffdbcb4501aa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F4A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1

43 B
1 KB

18ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNXqUVt1RY39mE5Nj1HQAo7OMWJepP0hx5i90DbqM8B_FRvN5V70ONzJNtnnGZKhMs-RluAdm1YU7KiZbGRb3oFRADVOPSDRsqz5G_doLgtSA_msVDK970VwrwRyFnxfj8OHzeZs0-6qpl5KAAnn5S9ShNe8QzCB9SL3mL7E8mZFF-xpDmA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F4A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YckWRZwlS.tA.TVA2RnE-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&google_hm=2

43 B
1 KB

17ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNXqUVt1RY39mE5Nj1HQAo7OMWJepP0hx5i90DbqM8B_FRvN5V70ONzJNtnnGZKhMs-RluAdm1YU7KiZbGRb3oFRADVOPSDRsqz5G_doLgtSA_msVDK970VwrwRyFnxfj8OHzeZs0-6qpl5KAAnn5S9ShNe8QzCB9SL3mL7E8mZFF-xpDmA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGlXq2n2yFpRj0Ljf-58hT4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F4A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBOZEax9Us_Ok55V-SAGPpg&google_cver=1

43 B
1008 B

13ms
13ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBOZEax9Us_Ok55V-SAGPpg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNXqUVt1RY39mE5Nj1HQAo7OMWJepP0hx5i90DbqM8B_FRvN5V70ONzJNtnnGZKhMs-RluAdm1YU7KiZbGRb3oFRADVOPSDRsqz5G_doLgtSA_msVDK970VwrwRyFnxfj8OHzeZs0-6qpl5KAAnn5S9ShNe8QzCB9SL3mL7E8mZFF-xpDmA

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d0ee8443-42e0-4d9f-a9f4-88be3c1a5be7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBOZEax9Us_Ok55V-SAGPpg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4A0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1MTA5NTUxMzAwNTYyMTgxOQ%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1MTA5NTUxMzAwNTYyMTgxOQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a1c2867e-725f-4d61-b988-53afd2d61c1e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1MTA5NTUxMzAwNTYyMTgxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C341 24 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BX9jRIWJSVtUakgVuaPbvZFeyD_iiPnxrL09Q5UqEboB_k6GFRTyFoqeiklZ8qpgpSR6QWNoD-NQjC5fWpcwQf1pfXEC8t8L4WxkdVW7hsD5fifEXrle-kiIVFF-_FO5eOs2FPr6h9b1TtrTdoOUHHwYPAQw&cry=1&dbm_d=AKAmf-Byj7jCgYXDUZLEIThXt5PdqpE9CMRFwN0x1dgheORVGMnkhD0BixYhpkWY0DDwz5J9258g8GHAg5I46aiKe5yZjfrqBUPZRSzsmF6WHje6a0VyHjFvzbalJohQdShEwejEJb7amNe6LKUZCZLW4pCCgg_2BRIgdWrzPwIQqtHVGtkf0qWP0TcfpD9D5HN793q36GrfhtDvC8EEf0uVVUpZZGRyk7YHkEuhXJBEB-hx7v4mP2VfyhKc1hGxEqv4KkCTdbjL74S1UV_LwzORv19-zWZMQUp12JiuwW-lop4RdNNgQAqJCbHYvjRnbmGX1edGhXsUApUw3A8Wdm9eZCc_Us5epDS_p0YWMltdKkn3AQu0E7uiitFahC80KXnnL_WRElkpow-wFezGKhXzIiG_5e5ErdbLKo60_QLNUIeweRJ-TtjadOztWbfI0ADoA-X5BECZBshVANDO1Y5pxxB0dB6Pz4_8kg2yiqDtMc5y-2Se3Mu5yZhR6EDtt1EU2wqO7BQjCIf18jejb6gAZpGUhyIP61tUCxGZDgkeXqju5P7JHa18uFalE4wGWmrCGaptruuaQJR0Elip11OGu1taSgy3m9BwUhWzSZtWDgzI3tGtOMKCtnDsjMuXy4QvB4Cs5GrV0GCNCQsz9oIQZAld0JcO4L8P6wT3iR20PofqMCbe2_CrRvY9uAnyFrWB4xY8OLjtfGBLGz_nNZvW7jE-cCfxiPM2hNMQ61Gaz9tOXZLTYk47D8ys6INOEFXmslLl89zeALwTf9tGR3puJAb8_vhrW_h62WeVoLWXYaMhdP7PhN1n200I9ikro5xnE4-kk5BRhq6qiW2SbhmpF1DYYfysQz4OBpw7KQ4TqOeMyN_iJIjXR-_nuQO0f58o8crJPVe2nwp-04jmBQScRLZrurVFa7kSCgeuBpDtKxnRqDa3SQOYfFfhCpFfmSdB3Tr8FeFpOJEW8NuIhfZlAid0sPHj1U8XqOhiK4Ivz_KA_er8rsX1p5iuN9UpBNclczKfx6b4lETxh_H8RV_E4S9xGQOrN7KaZi4u0_0YU7uUIxXDqlPpekdru2s5siGHSDzjEdPej1xH7fOCnqExBYj9x4sUpmzwSboELo1x7RTaLyxWt_QE2n7uxteGm1Me8i4spmwoCgXtTQvCoEvq8GeHxBB4-uNhWyvAqeOeXVvtp75l1QpT5MBLkADtPQyFYGrWml8fFTGRSaYUcsBz--0Z_z1k5LUXlDJRulBWRUwtfNiCKwpezbOmaJCnA2rLSmhT_M3gZK6G1rKiJQm9adZNYPuRMV2oSvMMXzOkuXoAcC98PzEI0aeaSXRI6iSDv9RcZfa9p4laLxZCug3MVkuKvekq5zoNVqAcU7kX3orFYC5j2t5aw_xH7TeH97EVdCfMZe0aw8bIZId9ZZcbvVMz8ijgZoZmTsKmCuysQBukZjMLBRqGOqhYCzqXuZ4W9Bq_HbMiOhyYKfc0HO96KRkZldSvXNNSlui1x1YIfNtmBLp9eZ2w86LdwW1LOaBP7YFOoBzIeCfSeeTH0KcBo_aK4pRyWgoSpF2e21xA2y2DsEtyk3xuQ0IwRVl3NbsBvnIkyTFdZVAVteaqboJUrHLvbyAyaUTVJMkpeCYXGHz9B537_ngO0lcu6WcFXGWKzjMxUPGvi-joBX3KWORjeqA3Yybn6VuwKqp-eESYI2oYke8cWuWIyFYoTymTjCV5BSAQEZHKQ6Sd07QOVjgYzr0QliF4PKftK5jNREYqjAyqAMmYlHOPxgwvHupnQYD0oNWDOIz5l-r5plp7iMo_TyOiB4txUis9SVJ7M3K7eiRU9gMkvnLzb6f0g--jW-iRAFnw5LVIgxa0jD1LA5pnyM9Q0loipidDuQBm8okhPpu43aM_Kc3vP3_VsMUQlzPfdiGGMjA-8IzthbqbEQYUxz-cxckrOSi_-S0M2OxcU2cqRXVfIsQ6Qk3on5_kRZjnCj11l2YAXTMjxEK0PglQUcW6WVnbTvu_pRTqiewTk9spWn4-PNoyyGiY8qfbZaxe8MXVVFDyLlOz7GFnTretLYDgoJ_zVsuprUlbm0vVI9J4s0NQq5bxZt1aZQK8RR5X1ZK5BDxsmUBZmU00Fsw1UtmBup8ADr0s55mDFEZ-ebM8S8SckYdg2GHH1LRJhj_hT-VWCBmpkAhyf_oMCDdMXnCryhzVqhw_kLQSZa3F6wVa7orQYqeyNK7GGoivmEDhuOOw2wTh9TaENW35zvCeNDfqDqCcrwaKT1CIDaWYEs9SYcza9lTxoxtdC4xlO3CoVLQGYWupqSdFd2Och0I5XzeEKimuUfSbXOVsWIdeA7grckRQysOW_OmzD6_s9NOnjcCdQ9ywq80ERfqWyCXAOBqFjsR2rNvmsUERVW6DVLY5qDzNOCUMtUOpW9WV7kOKmvwNcVe3DtFrGE8XSfQiDBy1Z68Rb4StW1lREgU8LA3vqQF61J2mlbXbptSsQ63Om1-U_w0EvuWh25vFAlnHKVXDE14H_-poszYJDc0EDJel6Vehb4mUP2_VG6prDayKITtM-h9aVrM4wW_iUmmUWFkknj9KDGxgwnbuaDcUlvb-0hYt1Q-uHoYy0MAkHBCiw__wkNqMpl0Xl6am2p_XrKhrHzFkxMLRgYOWKZWTMUmaHpnrGtz4zAeNqXTmdZUS_0X7nYtcBi9bp8WFTj_iVLR09XAVNyO_9FVOjJAb_mi4wdQO25JvzhhsTlHWeqOBHtMYlfbSTLz3R6mqwa9PLQp2Au10MZKchK_eWmH5iIsxRYWYCiVX2nJCHRrJSEfxYvtXjR3-mFW8rtE4xGl2mBe7yiva50sWlWORVjirsPuvXmtiuEuPLv3kSMjVitJ4avAvyOMN8xbE6Zaqx-iHieJ1BxUmfrLunBi6tkiVjGQwY6UUHKif810looMPieugDMc5yJcbqSZxq1TYNE4m4audpXG2cU63twPnVecJG05ga71YH-ypomHo5OqilnsktCA_nOfSHjSjKmIE5T_p6iL0-jmg58PEop0iAf8RORMiatWHkC80eAgPKsvKLD0BHUJwJGfYp5VVU9aMw8LUd7F15VSh6iH_0XZBB8shRU2cxzleF4j8MFQfACjQOqVZlqusPF-Bm_ees05Wjq6WJM7yZV6hg4ELqpYNwzx6pwkOTjeiIVUys-6mpCU2TmK6r6BznOo6tPmTSrQmdNW8XlwJreVpL1XSImdzE7udDqxoZHcq1EE&cid=CAASEuRolIWys_dDHTE1ZmVMr0mpCA&rfl=1%2Chttps%253A%252F%252Fwww.urbandictionary.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 01:22:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C341 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 12:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Dec 2022 12:54:57 GMT

GET
H2 200 000002237043.jpg
imagesrv.adition.com/banners/3137/files/00/22/22/73/ Frame 9BD1 22 KB
22 KB 11ms
11ms Image
image/jpeg 217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/22/22/73/000002237043.jpg
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 643957ecf716a2bcba9104704e5ab7423fe1dbcf892bae2aa6036db40f11f738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Tue, 21 Dec 2021 14:06:23 GMT
accept-ranges: bytes
etag: "1333055144"
content-length: 22540
content-type: image/jpeg

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16E9 0
0 78ms
78ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWpxPlgFT7CDoNJsWuoCWj7icx0Ikt4-_g1TtOQsq8xw6m2h2xcAsaTicFsUJKwyaCKuR2DmyceluW4shJS3OEH1rmwBGCnwLdEWMgIzGYy-1F8nwKibS_mpBAyYnL4EYkRF3MZniT5YAxBcL_dFnmVNSCIDeV1W78216eT0eO1Bu5f-4vGxTVusqJvTzVCWtpxiwTG5gl4uxcEzCkUcFZ9k-KVD3lEvtucKrk9GD8AAaX5BBbOkAjdwNssMMANMqj6rd2a2D0VKVeRNTdqICWDJAeGFAvXbTgLBlh4JqRrRPacRQQj2Jjz4I9o9lOJvvQYFLliN7AtoExam4&sai=AMfl-YT2vdxNulXTTofddDvz8i9b4ShbGU_Dl8OYSo9Mu-uM1xqC3IlPbNKv63MZ2b_ur-2f20hqtNertQiAo3L_hHv77f09OtCuBuIuUtsdtJcq-zvp_Vxlbj9_ihXsUqk&sig=Cg0ArKJSzHkWP-gPTIpsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 27 Dec 2021 01:26:30 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 886D 4 KB
2 KB 35ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=9b4f9ee5cd&subid=&uid=dd908737cc3e8d32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1624633177335014892%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=3330225055849&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 36273c33da1748d907aa37106ef3086062f648a466d0f2a807ae5163e8f3a823

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 27 Dec 2021 01:26:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1536
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame F4D4 629 B
747 B 19ms
17ms Document
text/html 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0 /
Resource Hash: 048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Type: text/html
Connection: close
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame 1921 43 B
550 B 49ms
16ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK vydnfpw7kpbp Show response
hal9000.redintelligence.net/zone/ Frame C341 11 KB
4 KB 35ms
13ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vydnfpw7kpbp?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSwT5RRbJYfGjF9S03gOTh63IDY_g-IZT3aaLpMoM8C4QASDziMAYYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBP4BT9Cippg2PhPVhd1e08aB4Bed-gwn-dmw2vNSN3daY6ZqtGtDBI7ZWpohk9Kv2WtD1XtwtWL5CNkskmktvfrgbQQkQSYozAVeW3HJjL5LcihdZrzOtwbWWhWbZydiazH81Fpr4DAOEeBjK5KFy7OdP2Y33SLHKl3sWf7zXZ-YN-F-Mi-LyH6jCiyzQ4nJwOVrEQwbJevToXHE-HlSECICj58EV19I37A_MB6njdzzMazxYLiNkOuzo7Zh295eLkpQJI-rfWM3xXkCr-qv_PViDxXdLfe1WE7Dg1wRNv7yoqlVh3ng-HnQBpCstuu4thrQyclN38ZnPDMclR1U6ofABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRolIWys_dDHTE1ZmVMr0mpCA%26sig%3DAOD64_1EXg1tCZW7DS9y2vTyvkjScQnYsQ%26client%3Dca-pub-7408911124015802%26dbm_c%3DAKAmf-CI1QBGiYM0QUWaFzs8jnozIcoVMu9XTOieUYFsYkemspoTKBOIZ56S1j5HCQajyU90zw1WtA4kCZad_Rg5QJEm0MZa0ieqLV0GeHlET1w8wChYIwKl2VHMPqTMmrmwlC12HJfcCkfO-ZBS5ciYVtnqJCEihQ%26cry%3D1%26dbm_d%3DAKAmf-BsV7AYsaTTl51ZuMv8iExqOIoH9ui6BAOQP0SbYDsEFrsUxfY7rLdifIpxdSCTxg1jZkB460kaCFHstqy4i8BWASd4ldsMUWjqki-txLHgPDkyeuGxVJrIlfTOBuPcmnEnuX4OftHjZNqcXG5RE0-QvZ4BVEa6xzHxtFTnLJ6QkDI8-C4qdLUiJxE1XoWdbMtktc3Vb5IqoJxL_7hh9tBTO_33MX8a5r14zaJRX5gmr9EyV4Ezfr3dJaX-k3zdmdoekSc9BlohiVvhPxbUmrh_GsGJASIbd9EPx_TNrpzFSNUsX6t0CUcvqbVJkERMf6ni3pdXIKQiwXLGnGX2oPXVNn0D_wOm8rZKlwsrqsrtSBzhySMCWcjk18ByFoXfqUTqSPzRuC9-5RbizCWkpUyn1E-Jx90zJanJrmkMHAyyyHn1F8zE6tjzxBvvmIE--WWgXoc42NplZJ04IQkyegTVwSknWw%26adurl%3D
Requested by: Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 08823bb640a139685b7adf52d8041883aa4004a6cf890eafc2f65605dff2ef92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3931
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 208E 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 23 Dec 2021 12:54:57 GMT
expires: Fri, 23 Dec 2022 12:54:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 304293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 886D 764 B
874 B 20ms
19ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51990297;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpg1i1kv29fbsl65%3Ftprde%3D

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

a21998523667aa9d043e52cc2b6de4db33f4a37adc32ed85a73f219615609a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 560
expires: -1

GET
H/1.1 200
OK request.php Show response
hal900017.redintelligence.net/ Frame C341 3 KB
2 KB 136ms
96ms Script
application/x-javascript 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=a3c1c58834&subid=&uid=8dd7b6700982d1a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSwT5RRbJYfGjF9S03gOTh63IDY_g-IZT3aaLpMoM8C4QASDziMAYYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBP4BT9Cippg2PhPVhd1e08aB4Bed-gwn-dmw2vNSN3daY6ZqtGtDBI7ZWpohk9Kv2WtD1XtwtWL5CNkskmktvfrgbQQkQSYozAVeW3HJjL5LcihdZrzOtwbWWhWbZydiazH81Fpr4DAOEeBjK5KFy7OdP2Y33SLHKl3sWf7zXZ-YN-F-Mi-LyH6jCiyzQ4nJwOVrEQwbJevToXHE-HlSECICj58EV19I37A_MB6njdzzMazxYLiNkOuzo7Zh295eLkpQJI-rfWM3xXkCr-qv_PViDxXdLfe1WE7Dg1wRNv7yoqlVh3ng-HnQBpCstuu4thrQyclN38ZnPDMclR1U6ofABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRolIWys_dDHTE1ZmVMr0mpCA%26sig%3DAOD64_1EXg1tCZW7DS9y2vTyvkjScQnYsQ%26client%3Dca-pub-7408911124015802%26dbm_c%3DAKAmf-CI1QBGiYM0QUWaFzs8jnozIcoVMu9XTOieUYFsYkemspoTKBOIZ56S1j5HCQajyU90zw1WtA4kCZad_Rg5QJEm0MZa0ieqLV0GeHlET1w8wChYIwKl2VHMPqTMmrmwlC12HJfcCkfO-ZBS5ciYVtnqJCEihQ%26cry%3D1%26dbm_d%3DAKAmf-BsV7AYsaTTl51ZuMv8iExqOIoH9ui6BAOQP0SbYDsEFrsUxfY7rLdifIpxdSCTxg1jZkB460kaCFHstqy4i8BWASd4ldsMUWjqki-txLHgPDkyeuGxVJrIlfTOBuPcmnEnuX4OftHjZNqcXG5RE0-QvZ4BVEa6xzHxtFTnLJ6QkDI8-C4qdLUiJxE1XoWdbMtktc3Vb5IqoJxL_7hh9tBTO_33MX8a5r14zaJRX5gmr9EyV4Ezfr3dJaX-k3zdmdoekSc9BlohiVvhPxbUmrh_GsGJASIbd9EPx_TNrpzFSNUsX6t0CUcvqbVJkERMf6ni3pdXIKQiwXLGnGX2oPXVNn0D_wOm8rZKlwsrqsrtSBzhySMCWcjk18ByFoXfqUTqSPzRuC9-5RbizCWkpUyn1E-Jx90zJanJrmkMHAyyyHn1F8zE6tjzxBvvmIE--WWgXoc42NplZJ04IQkyegTVwSknWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com&random=6389336628534&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/vydnfpw7kpbp?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSwT5RRbJYfGjF9S03gOTh63IDY_g-IZT3aaLpMoM8C4QASDziMAYYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBP4BT9Cippg2PhPVhd1e08aB4Bed-gwn-dmw2vNSN3daY6ZqtGtDBI7ZWpohk9Kv2WtD1XtwtWL5CNkskmktvfrgbQQkQSYozAVeW3HJjL5LcihdZrzOtwbWWhWbZydiazH81Fpr4DAOEeBjK5KFy7OdP2Y33SLHKl3sWf7zXZ-YN-F-Mi-LyH6jCiyzQ4nJwOVrEQwbJevToXHE-HlSECICj58EV19I37A_MB6njdzzMazxYLiNkOuzo7Zh295eLkpQJI-rfWM3xXkCr-qv_PViDxXdLfe1WE7Dg1wRNv7yoqlVh3ng-HnQBpCstuu4thrQyclN38ZnPDMclR1U6ofABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRolIWys_dDHTE1ZmVMr0mpCA%26sig%3DAOD64_1EXg1tCZW7DS9y2vTyvkjScQnYsQ%26client%3Dca-pub-7408911124015802%26dbm_c%3DAKAmf-CI1QBGiYM0QUWaFzs8jnozIcoVMu9XTOieUYFsYkemspoTKBOIZ56S1j5HCQajyU90zw1WtA4kCZad_Rg5QJEm0MZa0ieqLV0GeHlET1w8wChYIwKl2VHMPqTMmrmwlC12HJfcCkfO-ZBS5ciYVtnqJCEihQ%26cry%3D1%26dbm_d%3DAKAmf-BsV7AYsaTTl51ZuMv8iExqOIoH9ui6BAOQP0SbYDsEFrsUxfY7rLdifIpxdSCTxg1jZkB460kaCFHstqy4i8BWASd4ldsMUWjqki-txLHgPDkyeuGxVJrIlfTOBuPcmnEnuX4OftHjZNqcXG5RE0-QvZ4BVEa6xzHxtFTnLJ6QkDI8-C4qdLUiJxE1XoWdbMtktc3Vb5IqoJxL_7hh9tBTO_33MX8a5r14zaJRX5gmr9EyV4Ezfr3dJaX-k3zdmdoekSc9BlohiVvhPxbUmrh_GsGJASIbd9EPx_TNrpzFSNUsX6t0CUcvqbVJkERMf6ni3pdXIKQiwXLGnGX2oPXVNn0D_wOm8rZKlwsrqsrtSBzhySMCWcjk18ByFoXfqUTqSPzRuC9-5RbizCWkpUyn1E-Jx90zJanJrmkMHAyyyHn1F8zE6tjzxBvvmIE--WWgXoc42NplZJ04IQkyegTVwSknWw%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 4a9feaf0a180486f3fa92e50aefb98ad100b3453efbc98170b88cef56efe2d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47735300012161100710592011821017
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1055
Expires: Mon, 27 Dec 2021 01:26:30 +0100

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 886D 0
150 B 40ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=15062700016109403891606011821021&a=18c9d1e0&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame F4D4 43 B
550 B 18ms
17ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 886D 33 KB
16 KB 20ms
20ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51990297;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpg1i1kv29fbsl65%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:19:39 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 208E 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 22:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 22:19:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2967380673806602&bg=!x8SlxIDNAAZKWFskSlg7ACkAdvg8Wuk4l5y-7LRO91Q7cRvxsGE7s7VkpU9D4GZqsbpMgmKJl8oPEwIAAACKUgAAABFoAQcKAGqSZ1nhrkDUcg7xxL4TA8PnD1wkIHWhIodlIrCpB_pAjGXQt2qrv5CXOtOwXeyAWWOtq7O4TpEdI8nPJk0nO4Segdz5J1nCMPs_Qjtiz8YGr6rRXYIKhMlbivXu2LGSIbqnXBB-XfFl4secmQKzLPbMMg2ozLkvJ5-B9XwVv6s_TpUB6Pb0n0sgcAc2sZj9xZQJgb2DjUnN3PrO3YJdmTPkkc7Fts62U8B2oKl3C9fzBJD806NHMTr44b3Pvps6eyvbYIbmNnjlNUm3t4V-zQvdgdmwwh3gmsrylOrUmNtWuIG99JPLeb3gzHqYbIcXv665o_TyyME9SzAL0EannUQaF6hPfzaMYZag4qgaqDx62BsZF-rJbKeWaHx1QPgISIDjV3IkOvL7EfJQxRHDDg5Z1uBujssnrEjDZd1mNULyCLQVaw-VLtpNXWhoIYoq9USbxS-76C5JM9FyfkhIBKMmYT7nsdocSsPElGhlmYhH7h6lkqyRT_r_RngdOy5oW1DY_4fFZtjCRcN8fqbpWshODRDiUCbvSZbDsPPFre9JckxLF4wnTDUd75M9WMEhRy27zxsi4642Jba9A84cnALAT_RgIfib05hYCZAzfSC1trftItJy_1YnCUKNsG1RBHz397dO2pvpT7ZxDjFouHEvOxmcKbMZfrjmv1yN90K0uu_VMcUmPwxdkIj7YS3TGc42OHtGOOpMWO8E-UfKEry3DGhJ89W9EaRnyjZdNphc4lmyyBKG5CM4DpmCiIr8gL-pJz7Fa9O6HCZGjVeFbWSO8ioIt1p4RPYg1HL8j5_NqHKA5hCTpTSNr-1AkxY-H78ME2ZMBra4uDFeJmh9JTsQyY89F4c3TKmYc0z12t7exuH_LUYdtq-xcyZv6Uq5TWBV2kpIKImo1BLZL9bOpAZOcI3CnFxSna9GkLiyL2fhabL5B_AzSlxGxLFcdDXtKd7VSim9sea9PD3d4ZJqbjfXpLwbaqoLx_B5h4UQAMtHW4j19rgcHeCmGuBPQH1WY8me4mFpXy3LHlsask-sst8xjt2AMnblnf9rHdsDZy5InQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 886D 4 KB
2 KB 20ms
20ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=51990297;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpg1i1kv29fbsl65%3Ftprde%3D;js=1;adfxid=1x;10836;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.urbandictionary.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

a84e0b2e52705c216f3a7b4c08da32f3b8abeed4948c4813fb0716c3c93a941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2035
expires: -1

GET
DATA 200
OK truncated
/ Frame 886D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 886D 851 B
1 KB 77ms
12ms Script
application/javascript 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 9EC7
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47735300012161100710592011821017&actionid=879111&produktid=ratenkredit&dt_url=

0
630 B

117ms
78ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47735300012161100710592011821017&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=a3c1c58834&subid=&uid=8dd7b6700982d1a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSwT5RRbJYfGjF9S03gOTh63IDY_g-IZT3aaLpMoM8C4QASDziMAYYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBP4BT9Cippg2PhPVhd1e08aB4Bed-gwn-dmw2vNSN3daY6ZqtGtDBI7ZWpohk9Kv2WtD1XtwtWL5CNkskmktvfrgbQQkQSYozAVeW3HJjL5LcihdZrzOtwbWWhWbZydiazH81Fpr4DAOEeBjK5KFy7OdP2Y33SLHKl3sWf7zXZ-YN-F-Mi-LyH6jCiyzQ4nJwOVrEQwbJevToXHE-HlSECICj58EV19I37A_MB6njdzzMazxYLiNkOuzo7Zh295eLkpQJI-rfWM3xXkCr-qv_PViDxXdLfe1WE7Dg1wRNv7yoqlVh3ng-HnQBpCstuu4thrQyclN38ZnPDMclR1U6ofABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRolIWys_dDHTE1ZmVMr0mpCA%26sig%3DAOD64_1EXg1tCZW7DS9y2vTyvkjScQnYsQ%26client%3Dca-pub-7408911124015802%26dbm_c%3DAKAmf-CI1QBGiYM0QUWaFzs8jnozIcoVMu9XTOieUYFsYkemspoTKBOIZ56S1j5HCQajyU90zw1WtA4kCZad_Rg5QJEm0MZa0ieqLV0GeHlET1w8wChYIwKl2VHMPqTMmrmwlC12HJfcCkfO-ZBS5ciYVtnqJCEihQ%26cry%3D1%26dbm_d%3DAKAmf-BsV7AYsaTTl51ZuMv8iExqOIoH9ui6BAOQP0SbYDsEFrsUxfY7rLdifIpxdSCTxg1jZkB460kaCFHstqy4i8BWASd4ldsMUWjqki-txLHgPDkyeuGxVJrIlfTOBuPcmnEnuX4OftHjZNqcXG5RE0-QvZ4BVEa6xzHxtFTnLJ6QkDI8-C4qdLUiJxE1XoWdbMtktc3Vb5IqoJxL_7hh9tBTO_33MX8a5r14zaJRX5gmr9EyV4Ezfr3dJaX-k3zdmdoekSc9BlohiVvhPxbUmrh_GsGJASIbd9EPx_TNrpzFSNUsX6t0CUcvqbVJkERMf6ni3pdXIKQiwXLGnGX2oPXVNn0D_wOm8rZKlwsrqsrtSBzhySMCWcjk18ByFoXfqUTqSPzRuC9-5RbizCWkpUyn1E-Jx90zJanJrmkMHAyyyHn1F8zE6tjzxBvvmIE--WWgXoc42NplZJ04IQkyegTVwSknWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com&random=6389336628534&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 27 Dec 2021 02:26:30 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 27 Dec 2021 01:26:29 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47735300012161100710592011821017&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: B9D59BA6:B302_91EFC182:01BB_61C91646_238EFB3:4418
X-IPLB-Instance: 40027
Cache-control: private

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame C341 1 KB
2 KB 228ms
129ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=47735300012161100710592011821017&js=1&nw=1
Requested by: Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: f456cb90811b3ce528e781c6f05450cf60a9c157335ea081996727601627c1d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Last-Modified: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 501F 7 KB
2 KB 34ms
12ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=a3c1c58834&subid=&uid=8dd7b6700982d1a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSwT5RRbJYfGjF9S03gOTh63IDY_g-IZT3aaLpMoM8C4QASDziMAYYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBP4BT9Cippg2PhPVhd1e08aB4Bed-gwn-dmw2vNSN3daY6ZqtGtDBI7ZWpohk9Kv2WtD1XtwtWL5CNkskmktvfrgbQQkQSYozAVeW3HJjL5LcihdZrzOtwbWWhWbZydiazH81Fpr4DAOEeBjK5KFy7OdP2Y33SLHKl3sWf7zXZ-YN-F-Mi-LyH6jCiyzQ4nJwOVrEQwbJevToXHE-HlSECICj58EV19I37A_MB6njdzzMazxYLiNkOuzo7Zh295eLkpQJI-rfWM3xXkCr-qv_PViDxXdLfe1WE7Dg1wRNv7yoqlVh3ng-HnQBpCstuu4thrQyclN38ZnPDMclR1U6ofABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRolIWys_dDHTE1ZmVMr0mpCA%26sig%3DAOD64_1EXg1tCZW7DS9y2vTyvkjScQnYsQ%26client%3Dca-pub-7408911124015802%26dbm_c%3DAKAmf-CI1QBGiYM0QUWaFzs8jnozIcoVMu9XTOieUYFsYkemspoTKBOIZ56S1j5HCQajyU90zw1WtA4kCZad_Rg5QJEm0MZa0ieqLV0GeHlET1w8wChYIwKl2VHMPqTMmrmwlC12HJfcCkfO-ZBS5ciYVtnqJCEihQ%26cry%3D1%26dbm_d%3DAKAmf-BsV7AYsaTTl51ZuMv8iExqOIoH9ui6BAOQP0SbYDsEFrsUxfY7rLdifIpxdSCTxg1jZkB460kaCFHstqy4i8BWASd4ldsMUWjqki-txLHgPDkyeuGxVJrIlfTOBuPcmnEnuX4OftHjZNqcXG5RE0-QvZ4BVEa6xzHxtFTnLJ6QkDI8-C4qdLUiJxE1XoWdbMtktc3Vb5IqoJxL_7hh9tBTO_33MX8a5r14zaJRX5gmr9EyV4Ezfr3dJaX-k3zdmdoekSc9BlohiVvhPxbUmrh_GsGJASIbd9EPx_TNrpzFSNUsX6t0CUcvqbVJkERMf6ni3pdXIKQiwXLGnGX2oPXVNn0D_wOm8rZKlwsrqsrtSBzhySMCWcjk18ByFoXfqUTqSPzRuC9-5RbizCWkpUyn1E-Jx90zJanJrmkMHAyyyHn1F8zE6tjzxBvvmIE--WWgXoc42NplZJ04IQkyegTVwSknWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com&random=6389336628534&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 9d2f264b8c8fb7285328fae69dab5ddb6a6e96b602891ea275e6adcc415359f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 27 Dec 2021 01:26:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2068
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame C341
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47735300012161100710592011821017
https://ad-server.eu/wm/pb/native.png

68 B
312 B

154ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:31:23 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: B9D59BA6:B302_91EFC182:01BB_61C91646_238EFB4:4418
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C341 43 B
702 B 56ms
12ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=47735300012161100710592011821017&pv=1

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02C1 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Dec 2021 13:26:12 GMT
expires: Mon, 27 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 43218
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C341 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f0d42fa5021590be879fc17d3cb58b1768cc8d45919f82bea63eff24b5796f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 886D 90 KB
39 KB 22ms
21ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:20:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 501F 4 KB
649 B 97ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 00:00:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 01:26:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 01:26:30 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 501F 92 KB
92 KB 37ms
14ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f90c11bb02739ecefdace8febb1bf28b08f5aca32729727722c36963a0f36954

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 501F 79 KB
79 KB 37ms
15ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d68932ece8eb0d862ad487b7494ed099ea690dcaf6f0cf5a599ab8994d3f7ef6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 501F 81 KB
81 KB 38ms
15ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/52085/creativesup/affiliate-panini-familienzeit-banner-1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 260039b6e6461a5069054c7d945d6421f59f2d8d50158f12adf68cae6625293d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKGs5AB7imcjzQFK7UNMqD8&google_cver=1&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPB...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPBY6cuGeE_8ccxKL3sIQZMEJOpPTlsaJg8U9nhIJBpFe&google_hm=DDp7RX...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPBY6cuGeE_8ccxKL3sIQZMEJOpPTlsaJg8U9nhIJBpFe&google_hm=DDp7RXKT_d7iFq9ZE86TKg

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLOe1Qw08UJXUZGLon1tZ0QrxXGPXSOc6tsi0tGSkk6JkAKO7zCPBY6cuGeE_8ccxKL3sIQZMEJOpPTlsaJg8U9nhIJBpFe&google_hm=DDp7RXKT_d7iFq9ZE86TKg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0YwaU1yMGIxTjFFTXU1&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cver=1&google_push=AYg5qPL0pSzjj8qjkmL8Z-U-QbarWs7koono4xgmKkIj-q4...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0YwaU1yMGIxTjFFTXU1&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cver=1&google_push=AYg5qPL0pSzjj8qjkmL8Z-U-QbarWs7koono4xgmKkIj-q4QGnZjG7Uy-KR8OGQplNJLpXNWCFuE5Ye9se0k7yzpWIqLavxm8WS2

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:29 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0YwaU1yMGIxTjFFTXU1&google_gid=CAESEEBXFBz4ka0pepwHCCjBH4g&google_cver=1&google_push=AYg5qPL0pSzjj8qjkmL8Z-U-QbarWs7koono4xgmKkIj-q4QGnZjG7Uy-KR8OGQplNJLpXNWCFuE5Ye9se0k7yzpWIqLavxm8WS2
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKBxoBdRXPG4h5q6SJrg_oI&google_cver=1&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuMgjw8ft5b_j1gW
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F0773C369512422CA412DB672A018B81&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuM...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F0773C369512422CA412DB672A018B81&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuMgjw8ft5b_j1gW

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F0773C369512422CA412DB672A018B81&google_push=AYg5qPLi3P-FkLvREgNf5B7JINUbrZXRx_0OoqriM8tM8SIIhW9hFHfhHW62H-72SL-YVvaI7OiMrBST3U7MjuMgjw8ft5b_j1gW
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 26 Dec 2021 01:26:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGOq8GlSEC6FJNSsRzKelmA&google_cver=1&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOUJlC4QQNu2eYNuEt1J2Q2&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe5OAyYZVQLOOF

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOUJlC4QQNu2eYNuEt1J2Q2&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe5OAyYZVQLOOF

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Dec 2021 01:26:30 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOUJlC4QQNu2eYNuEt1J2Q2&google_push=AYg5qPJl7z0oaJQ0STFsazbD3O4JxDIwP4SVpetq1PiN_WFOhq7-ViZpiV7Gp46CaBIHapB1Kxkbt9MC6V82LsEe5OAyYZVQLOOF
x-host: tde-deliveryengine-production-584bdf445-wpt9j
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIfTMwEsUmAYOzDWaH38ssk&google_cver=1&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAk...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIfTMwEsUmAYOzDWaH38ssk&google_cver=1&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAk...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d&google_hm=93256ffb12fdf780af6aa9cd

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d&google_hm=93256ffb12fdf780af6aa9cd

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKK4J3g23GBHFW0R28APV6XACt6XuBmPxe-o3SB1dTzxF1M2vW9R4rCbLjXWRLOROq28jUUcSVy_15jtmrAkTmSKmEgXP7d&google_hm=93256ffb12fdf780af6aa9cd
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESENpoePLpgN5by0it2xl7NdU&google_cver=1&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02C1
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBC5bVmaLKDZylbR2aXGrrQ&google_cver=1&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEF...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBC5bVmaLKDZylbR2aXGrrQ&google_cver=1&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jc...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNDcxZGM5NC02NmI0LTExZWMtYTgyZC0wMjAzMzE0ZWYwOTQ%3D&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKj...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNDcxZGM5NC02NmI0LTExZWMtYTgyZC0wMjAzMzE0ZWYwOTQ%3D&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKjZoHqoAhihnc_p-SHVmpKfjBht7UN5I2XfW_w

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNDcxZGM5NC02NmI0LTExZWMtYTgyZC0wMjAzMzE0ZWYwOTQ%3D&google_push=AYg5qPKDG81knL4lVTtdUjxiZyVcAszkhwure5WDoCRbbA0g-LT4jcEFqgjFtXeCKjZoHqoAhihnc_p-SHVmpKfjBht7UN5I2XfW_w
date: Mon, 27 Dec 2021 01:26:30 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 02C1 0
12 B 50ms
49ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvFcCF4NhooipbQJhjOWOUbx0gU2jDcCA2u5-kT8kh-eyxZvJFbjCjGpDSgHIqWW5D0a_5ew

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 208E 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGVgtRhbJYZbaC9H43gP8xKWADwAAAAA4AeAEAg&bg=!JSalJmLNAAZKWFskSlg7ACkAdvg8WlaFVzkd52L5g7zbQEArnmiIKamv8a5KQ1WxfR40UKEIS8j50AIAAABfUgAAAA9oAQeZAwJE0oGiS8C9vSIQxK5T4mqYsz_A9QAXuiTTauQkL753bv24b3Vb3lsqK0qU-g9yUdwz5MruKmBI2Xd0fx27gj9pdu3llRzDM0oELW6x5TR58ry9DsIRUJr0E1bh1bh0IopVsrPt2c2v_UNw60drwHKp1O_oGCTCvXG_naJSO2T7jmHcxVpak3Jxnh7XJtUkOk1y2-aI_K7OxxAOL1mgeVNWWTQtMksAzk16XIHL7P_sd42DZqvCZ-ch7KpFVzibyGTspXnQuhdW_q3kOwJF128k8ea2pDDK02klt2zEGc3GT7Ae1j7Y92LVHUsKPMjQVQkRxOrrrp1MzbQyAhAdfwAgpBs6BqpQ10tIEIojVxQQuQw3S7ktxmeCTfoYp2s35uIHlH8bxRHP8englk0i2iHUodW44LmmOJrZMKTZad3jPEbScC_g2aNMSnx1Edhrl_bFY9wFEWGvw0X5GwQTe59h-vzCIlIgaMgiM3D1slgQrbb8xZl8xMRIyhJHMXnoij-oRwIshOs9DDgsqFz_IBjOCZ2ImtVZk4-aTOEeRQPa16A_aDj0K8YfhEovlaYEjVLA8gZh9VVMpFJlm9ZrSjuuX43Ecu6NyGEWhPAlmRQIy7YvxWBWiXNlKvzxRcKOQ6FJmp5R_nI5s-FYeuDe_kqxYPq4huDSFey015EdZ_efnCK2K2GXLkIhIYIOlUZ53kfodWwX97o_pNqwzJ-993haqjKJv3SgRZ4igoSifHMUWE1PpVfmO19cZ2S_moFtAhEm2AgriPd-waiI5VN3yF7bey06ClOKZqvN23-qxzH13gMFOLhcoMnqteQ4Q_ceGBthwEJX5-bYZHXkgGidd9IuWu_Fj-hLTFHxqu1z4MR7_FHQ0Hl80ncI_gxKZn0WqShQFJSvPEGzEQ4DNQLy7_2ts7LI9Ohzq40W5av5he5hu75HFFbvXqtwNnA1AqkumJhYOZYR26BeH4VKIkndOSDzVtCW-ytWywNfHs-ObjO5xA-nXFEiyo2MK9UhAwb6NyIwJg

Requested by

Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 886D 35 B
478 B 23ms
22ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51990297&csi=RD6jL0xlwnUnDmDUwIguz9ZVgfTbcrxN9kimuRGMDckJDwKV3Zer3CHs6_G4l2s8IE1Uum4fwoOtjToFRwcEe96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900021.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFB2 0
0 75ms
74ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9e1Ro77ZgFW9A6Oj631o4p9WE8jlOZ1h0xWTrKDgWU4wbvFOpMjKSb_vtIbi3HNXiCnXCowg7ckR1SexBWQ03T0cUH_gFeqYSYJk8MMAeG7fvLZN1DdPoAtPkYTv987hdNCWT_5OBQjVdkt2WA0FEyqdJPND3v-uTKa3cTqbzlWWcS32_Isp45ZjSG_jBq44q-J-fuoiwYSMrfQx6fjKQ0HXdvM7Q63hi1sn63DLdDJQt1jDu1c5V7GasJ131xHceG-3pi6unMqGObLg_lwlQkCZdXBFBl14ouSzT4V_4hB0Uwhbx46qRbn50IVN5ogX00DxaqS3BWQK-JnrkAQ&sai=AMfl-YSJU7CQ3cmV0xaR29rgs4pqqe2CTiK8C--4OjqBoXzLRxuMNjmwLrjUWYcezJTEv6re-kqCi6ufuIL4j_70pUDhsVQZYz__yHMH95xL-b2plTS-1Rr--3vfeCRY4EDY&sig=Cg0ArKJSzFyg43oudDBZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 27 Dec 2021 01:26:30 GMT

GET
H2 200 10664486.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664486/ Frame B91D 3 KB
1 KB 22ms
22ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/10664486.js?ADFassetID=10664486&bv=258

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

11f4d896d828c6a497b25b5c6bb3eff64e6fb9de8a60c4f2bf1f3739ffc16118

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:38 GMT
server: nginx
etag: W/"61b70dd2-c74"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 1 KB
871 B 21ms
16ms Stylesheet
text/css 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0176ce1f70de495ed4e8f40af8b6263f104c6796b1c25af7d9a169955a8b9d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:38 GMT
server: nginx
etag: W/"61b70dd2-561"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame B91D 30 KB
13 KB 24ms
18ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 117 B
413 B 23ms
18ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:38 GMT
server: nginx
etag: "61b70dd2-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 4 KB
4 KB 23ms
18ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

632dbf79906663d624f02e07c694aea26ea7af45d693cc1391dbbd679512e0f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:41 GMT
server: nginx
etag: "61b70dd5-1011"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4113

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 15 KB
15 KB 24ms
20ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

40a0f5dd67c3872993adfee2988cbe160cad5c07631da96b4a5bc6ca7f4a2eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:41 GMT
server: nginx
etag: "61b70dd5-3c68"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 15464

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 6 KB
6 KB 25ms
20ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/text2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

73eb8d310f0e297aec595be28406cedaf20e9243b8ac5fdcabd3139450f5d53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:38 GMT
server: nginx
etag: "61b70dd2-16ea"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5866

GET
H2 200 text3.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 11 KB
11 KB 25ms
21ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/text3.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

597493b4a8767f74b1392b10e164426ffe9c11949b209bfecb3596a03ad00e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-2a2b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 10795

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 1 KB
1 KB 25ms
22ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

298a49884af0d3488fc30e1d88878c7dbe1c0a07d17f6d9d64a15f854cc6cd78

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-4cf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1231

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 3 KB
3 KB 25ms
22ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cfeff20b62259ddc3f161bc87acb595b9f565e7a5dcb94e97578d91260224210

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:41 GMT
server: nginx
etag: "61b70dd5-aab"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2731

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 3 KB
3 KB 33ms
30ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

deee94b6bae2b88ae952755415c0bb34a56c29c0da375ce2090ab880ac8df973

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-a25"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2597

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 4 KB
4 KB 33ms
30ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8801fd6b018fa8b0c6fa01c0e7838c184b64df6557c97baeb0d9041bdf657083

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:38 GMT
server: nginx
etag: "61b70dd2-ea3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3747

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 4 KB
4 KB 35ms
32ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d0a0a94ad4f9c90d139c619d2d4db0ee85d63b39d7c856f127d432467b7b365d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:41 GMT
server: nginx
etag: "61b70dd5-ea5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3749

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 5 KB
5 KB 35ms
32ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

041743565ed84cfbe2769b21e6498731b3c05678cb51ed8cc8cee208e5f907de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-14aa"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 5290

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame B91D 38 KB
14 KB 33ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2958968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z1hzq5IyxHqBNm7a7Qo7PApghGzk2g4%2F8964gE%2FifxljupxF%2FA2K5Z38ZBJFiasSgfd1gLY59g6plRMS2ynIVFPV0ejw1THSCRuUaFpVPQI9%2B3PAMHvWApfNBHZSA096wIhV8h774uFQnQHW0ul61ZB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2d97bd2177e-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame B91D 5 KB
2 KB 35ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 519152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9M78XWTx38iMH0Ubuttu8dbq2WhN%2BosWOvj5ow5nihlf37CXEt%2F9CCIaIqELxQztJnqr%2BMKc1SOIi2TJeLgGjv0KYojeC8ev8RKEvv3ed7SBnVelQ2S%2BMHuvRGP%2F6AFMny0qVLXWexfO7BEwa%2BtofQ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2d97bd3177e-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame B91D 26 KB
9 KB 36ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4164775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1flab7zdzV5m18Ic7EuhF%2FIaGsdmS5pySCRT%2FD%2FOj43YlIwX8GMZJwGz%2BsPhyVTx3tl4QPIysIRttn6QylTHucSlynWhpJuokhn0%2B6rrIQkwOjlB5F5BjLA0kAdpgsdeNNX0VF70Jk8p8WxY1YedIEk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2d97bd4177e-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/ Frame B91D 8 KB
1 KB 23ms
21ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664486/bvpath_258/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2ea38f80cb6b2d993ea70538532bb5cd116038229cd2f91ec3a038bd2efd92ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:41 GMT
server: nginx
etag: W/"61b70dd5-205d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame E41C 4 KB
2 KB 36ms
12ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=s013g5sbr739&nw=20&renderingType=javascript&namespace=c6d4b05393&subid=&uid=0d15e349801bac13&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D471711672728167935%26mt_id%3D9690033%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26mt_cid%3Dd07061c9-1645-4a00-b232-e2ae32532fe8%26redirect%3D&documentReferer=https%3A%2F%2Fwww.urbandictionary.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urbandictionary.com%2Chttps%3A%2F%2Fwww.urbandictionary.com&random=6905593376757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 55aee3023dfde97304bc75d49ec863cdaac91659665d1ac08daed95e29d59afa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 27 Dec 2021 01:26:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1432
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame 0D4C 629 B
748 B 21ms
20ms Document
text/html 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0 /
Resource Hash: 048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Content-Type: text/html
Connection: close
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 27 Dec 2021 01:26:29 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame F67A 43 B
550 B 48ms
16ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 501F 0
150 B 34ms
12ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=47735300012161100710592011821017&a=4e1583e5&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 501F 13 KB
13 KB 86ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 21:39:33 GMT
x-content-type-options: nosniff
age: 532017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 21:39:33 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 501F 13 KB
13 KB 89ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 383403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 14:56:27 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E41C 764 B
873 B 20ms
19ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51990291;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpall1taks6u0rf6%3Ftprde%3D

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

b7bcbe4eeca65d8f0b8de5ca42f38800fe21202fa3387e69ce319b5ccee750ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 559
expires: -1

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame 0D4C 43 B
550 B 18ms
17ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:29 GMT

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame E41C 0
150 B 35ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=25895100015161403891620011821027&a=2159d010&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E41C 33 KB
16 KB 20ms
20ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51990291;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpall1taks6u0rf6%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:19:39 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C341 51 KB
51 KB 47ms
9ms Script
application/javascript 143.204.209.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=47735300012161100710592011821017&js=1&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-94.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 138986
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 26 Dec 2021 04:28:23 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: SeBYit57sBjlobv780a0HNuBAJTiQ4otopc0L-oOXvOPF3PrD53l6g==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame C341 160 B
618 B 85ms
31ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=55808700016226400710776011821024&wglinkid=3392345
Requested by: Host: cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
URL: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 01:26:30 GMT
Last-Modified: Mon, 27 Dec 2021 01:26:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 160
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E41C 4 KB
2 KB 21ms
20ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=51990291;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpall1taks6u0rf6%3Ftprde%3D;js=1;adfxid=1x;1376;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.urbandictionary.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

9799371c6c23216b2db8bdd20c40dd17518a4987169b0e997753b33563c2cc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2026
expires: -1

GET
DATA 200
OK truncated
/ Frame E41C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame E41C 90 KB
39 KB 21ms
21ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 28 Dec 2021 04:20:01 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame E41C 35 B
478 B 20ms
20ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51990291&csi=MehC6QcUBwlzu5uxdrWTdicP_QCPpFIu9kimuRGMDckJDwKV3Zer3CHs6_G4l2s8ropfMOBlu07fLEpc3Pdwjd6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900027.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900027.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10664485.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664485/ Frame FF48 3 KB
1 KB 18ms
18ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/10664485.js?ADFassetID=10664485&bv=258

Requested by

Host: www.urbandictionary.com
URL: https://www.urbandictionary.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf89425da46ed27924fc942d16912642c30c8aa09fd1c45980edd049491aedb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:39 GMT
server: nginx
etag: W/"61b70dd3-c8a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 1 KB
886 B 19ms
18ms Stylesheet
text/css 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

24df5dd16a5c35013e04387d68e88f912f5d4d2195c02e4f39a204868464f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: W/"61b70dd1-567"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame FF48 30 KB
13 KB 20ms
19ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 117 B
413 B 21ms
20ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 12 KB
12 KB 21ms
20ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-2e15"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11797

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 11 KB
11 KB 22ms
21ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-2b14"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11028

GET
H2 200 banderole.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 11 KB
11 KB 23ms
21ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/banderole.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

06731437b93851a20c28a961aa9c1d2f5af314103be71640f74d89fac90d8e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:39 GMT
server: nginx
etag: "61b70dd3-2b56"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11094

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 4 KB
4 KB 23ms
22ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-fe3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4067

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 2 KB
3 KB 23ms
22ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

49a86c59b86563d06a25ecdf34ff617c6b8dff04a81798418d9dc02c77c51314

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:39 GMT
server: nginx
etag: "61b70dd3-91f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2335

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 2 KB
2 KB 23ms
22ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1bda28610742ab75071b05da88f5c6f2366f25085ff90c4d771b3e7814973198

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-7ef"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2031

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 7 KB
7 KB 23ms
23ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-1a64"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6756

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 4 KB
4 KB 23ms
21ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:39 GMT
server: nginx
etag: "61b70dd3-108f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4239

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 36 KB
36 KB 24ms
23ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/model.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

46fc99f79ddbf8ae97a2d6d4c95d0d9992abfb8caa993efbfddab0cee7a65f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:40 GMT
server: nginx
etag: "61b70dd4-8e9b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 36507

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 10 KB
10 KB 28ms
27ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a7e55552dd1b8c30e6a33515512cda29a22a628d75d6445e6647f6a9124aac2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
last-modified: Mon, 13 Dec 2021 09:09:39 GMT
server: nginx
etag: "61b70dd3-2755"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 10069

GET
H3 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame FF48 38 KB
14 KB 27ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2958968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Z1ZuQJabdh%2FiDRZRgCPcUjPBD040KXg4JJBz8NLrLolxgj8U6PYUJxOsb8pQClD4HR4iInGpI8CwOcoP%2Fip67Hg8nTKqCRHQqOE3ZD8umfWQsBJGCEmFOsa0jbYuGuBRdFGhCnqGKD1CnNKpQDBh8e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2db5fbc8ba5-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H3 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame FF48 5 KB
2 KB 35ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 519152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sx7zcoUMOPWpZgqlkJr9TMNYmIfzjH9QU6nWE9AY1wtgg3EZa%2B7EhnoHOczxNRrSwUO0FKTBtx2kLXX9QXEE9cnGBGkZ%2BR7QtsXBp6m0JjdOzujhA6yn7r1USDC7wX7jsqbS6hU%2FmLS2F1uOECyMf9an"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2db5fbb8ba5-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H3 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame FF48 26 KB
9 KB 34ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4164775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOg19iqQjuzaET7rWhNAjKEgDS8s7%2FFojh22CVc2v5b2PESDLGf8AmE8ypVy%2Bfp8Bk5GG4mn8P12Tg%2FRL46e5hYldUqYWJlajy0GYSLViAVLS071MNR5gkuC4UjtPNT%2FWFYzelFdtjkZHScBWqwEf608"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3ec2db5fba8ba5-FRA
expires: Sat, 17 Dec 2022 01:26:30 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/ Frame FF48 7 KB
1 KB 22ms
22ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664485/bvpath_258/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

333a73d1f3e666294912d87eae75efbaeebaa5f67b197a2fff9123c35532733d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: W/"61b70dd1-1c0e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
127 B 15ms
14ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
100 B 27ms
27ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
100 B 28ms
27ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
100 B 28ms
27ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
100 B 28ms
28ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156796
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156796/877/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=UD_desktop_leaderboard&aid=108506165963685801330&rev=c0c4269&ss=12&bc=0.259&pr=%24%7BAUCTION_PRICE%7D&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&cepos=0&ceid=0&cb=48622
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=UD_300x250_ATF&aid=87716900272599027740&rev=c0c4269&ss=12&bc=0.259&pr=%24%7BAUCTION_PRICE%7D&brid=49187&bmid=3690&biid=7265&bcud=259&sid=62334&ts=1640568388&caid=0&unid=0&cepos=0&ceid=0&cb=50294
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D678 0
260 B 65ms
15ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156796&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 01:26:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 886D 0
150 B 35ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=15062700016109403891606011821021&a=18c9d1e0&vb=v
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=15062700016109403891606011821021&a=3294d48a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5BF 0
0 75ms
75ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9D_cCSae7Hbqd0fCTHExrFPCXJaW9PqYbfzmWcUwuNB1VyfUEzbmNS6XqEfwhjC9aBw-GUA6RQEyLUoWGvod_zqxmPVhLh7Di016Qbcadt_tnlRcvDztCURDb-QpfNndMMOLvhlK9wtMauNhXkJUuZgUr_FFxVe-Bmu0u6VJgxJ46kcK5ABPcrBn0BGgTlRW2UGATPfGucfQaubMAgIKWg2oKPRaUw7MW9rQ0pXHVduZ-z8YQb7oOW_DIWNHSN_DBTBcvNpiMD27YHEi7Ir09JXV8TFxtD6HhcZoEZjFF26mjeYJaUE212xEiQHApF5Qmv615n3Bk5oNHH-1_wu0&sai=AMfl-YReqj60sbJbDZxEB4X3EefDn3GDtraEkLccjTuViBV6NpWsIMcLwnLjwF24oRIQTlnHdKQ6vHLi5rgenScVEPN_bd7LFRak2ujPTnQn8kEJWdfX31l3E8rOesS3GmY&sig=Cg0ArKJSzIoxINiJE-iOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 01:26:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 27 Dec 2021 01:26:31 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C341 16 B
232 B 93ms
93ms Fetch
application/json 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Dec 2021 01:26:31 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 159ms
30ms Preflight 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 01:26:31 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C341 42 B
64 B 122ms
75ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBFdH_wWDGW9iSgxsEnNvq0BRsC_9uJdOnAZHxDoM2jEdT8_rerOkpHgb4-jAhEpoMO196VQS8fzYidU_xSbaonns6IlqqvJYew7Ex&sai=AMfl-YQxam7qd1k6FBkmdf6CWj4Rk1UF_PpC_9u-eO4ZZe9seuDgBb9J89s2g0ObsRoFTO8NOOz5e1dPw2CIrCdTXW2aDn6bKyqit1bCO3SrhejNw5KWNLRaHQbZd98&sig=Cg0ArKJSzDA6blSN8gPxEAE&cid=CAASEuRolIWys_dDHTE1ZmVMr0mpCA&id=lidar2&mcvt=1005&p=593,970,1193,1270&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3618066576&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640568389651&rpt=855&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFB2 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7hIt0FQlo_xsZXRdcvTpTo8w-YtcejouTMOzdlJ3b2OF8Ebeq8DyvIHxHTNJnTALFpWdwXtn_75XOWH077iJjVdqvNkcfedtxLWlFhK4CvkTUG3Ed&sig=Cg0ArKJSzH405k8bK436EAE&id=lidar2&mcvt=1000&p=146,436,236,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4191665587&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640568389242&rpt=1333&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 501F 0
150 B 76ms
27ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=47735300012161100710592011821017&a=4e1583e5&vb=v
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=47735300012161100710592011821017&a=c6f725af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame E41C 0
150 B 83ms
28ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=25895100015161403891620011821027&a=2159d010&vb=v
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=25895100015161403891620011821027&a=54fbe38f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame 886D 35 B
478 B 20ms
20ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@51990297,2895049327571998130,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|eypPjaB-XQ7xBx_RTJEBJ_gqWB5fl8CsqGcK7UBMjC-89yyoNDomJom3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900021.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E41C 35 B
478 B 20ms
19ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@51990291,8556078649100090730,83|1200|0|0|0|0|0|0|0||49|1|||||1|0|0|PCC2ogsd-mfxBx_RTJEBJ_gqWB5fl8CsqGcK7UBMjC8tX54uKzs6eom3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900027.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900027.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5BF 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst40WBdpETEM8GTYPTTc6dqrdEL3ju44yUoczlTBrCz_UTsx_gdF-ipDU5e6SGi-k3UQ48xrT-Z5ocyhXpV9B904kz1ZwpRZtICXTooDGwKLf8ZBnli&sig=Cg0ArKJSzPtkxZLIqoxYEAE&id=lidar2&mcvt=1000&p=967,472,1247,808&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.83&app=0&itpl=19&adk=1214588104&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640568389277&rpt=2204&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame E02B 35 B
475 B 20ms
19ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@43157361,4018782274581375505,0|0|0|0|0|0|0|0|0||0|0|1538|e1f6578a-28e8-4d2a-b295-200d3ef2c6fb_1|||1|0|0|KiQXhcPIYQe48M5tcwHHbfgqWB5fl8CsqGcK7UBMjC-EEY8SyejGNMkllzAqADQrA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9BD1 35 B
475 B 20ms
19ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@52094793,8061444120995427258,0|0|0|0|0|0|0|0|0||0|0|2729|107613134515662448340_1|||1|0|0|GXKqE0QGsB248M5tcwHHbfgqWB5fl8CsqGcK7UBMjC8ml40dJnaABskllzAqADQrA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.urbandictionary.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.urbandictionary.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 886D 35 B
478 B 21ms
21ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@51990297,2895049327571998130,100|4700|0|0|0|0|0|0|0||160|1|||||1|0|0|eypPjaB-XQ7xBx_RTJEBJ_gqWB5fl8CsqGcK7UBMjC-89yyoNDomJom3nyX34Xgm0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900021.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E41C 35 B
478 B 20ms
20ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5955457939755122757@@51990291,8556078649100090730,83|4700|0|0|0|0|0|0|0||192|1|||||1|0|0|PCC2ogsd-mfxBx_RTJEBJ_gqWB5fl8CsqGcK7UBMjC8tX54uKzs6eom3nyX34Xgm0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900027.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 01:26:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900027.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame 1921 43 B
559 B 18ms
16ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:40 GMT
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:39 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame F4D4 43 B
559 B 17ms
16ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:40 GMT
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:39 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame F67A 43 B
559 B 18ms
17ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urbandictionary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:40 GMT
Server: MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:39 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame 0D4C 43 B
559 B 18ms
18ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=d07061c9-1645-4a00-b232-e2ae32532fe8&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 01:26:40 GMT
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 27 Dec 2021 01:26:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: sync.hgrtb.com
URL: https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mrtnsvr.com/sync	1970-01-20 08:29:50	Name: userId Value: nNrabkOfM
.3lift.com/sync	1970-01-20 01:52:24	Name: sync Value: CgoIgAIQ_YH8y98vCgoIgQIQyPv7y98vCgoIggIQqYL8y98vCgoIhwIQyPv7y98vCgkICRDI-_vL3y8KCgiJAhD9gfzL3y8KCQhJEKmC_MvfLwoJCAsQyPv7y98vCgoIiwIQqYL8y98vCgoIjAIQyPv7y98vCgoIzgEQ4YD8y98vCgoIjgEQ4YD8y98vCgoIjwIQqYL8y98vCgoIkAIQqYL8y98vCgoIkQIQ4YD8y98vCgoIkgIQ4YD8y98vCgoIlAIQ_YH8y98vCgoIlgIQ_YH8y98vCgoI1gEQ_YH8y98vCgoIlwIQ_YH8y98vCgoImAIQ4YD8y98vCgoImQIQ4YD8y98vCgoImgIQ_YH8y98vCgoImwIQ4YD8y98vCgkIGxD9gfzL3y8KCgicAhDhgPzL3y8KCgidAhCpgvzL3y8KCgieAhDI-_vL3y8KCgjeARD9gfzL3y8KCQhfEMj7-8vfLwoJCB8Q4YD8y98vCgoIoQEQ_YH8y98vCgoI4gEQyPv7y98vCgoI4wEQqYL8y98vCgoI5gEQyPv7y98vCgoI5wEQqYL8y98vCgkIcxCpgvzL3y8KCQg5EOGA_MvfLwoJCDoQyPv7y98vCgoI_wEQqYL8y98v
www.urbandictionary.com/	1970-01-20 08:28:24	Name: usprivacy Value: 1---
www.urbandictionary.com/	1970-01-19 23:42:50	Name: session_depth Value: www.urbandictionary.com%3D1%7C327825625%3D1
www.urbandictionary.com/	1969-12-31 23:59:59	Name: mnjs_session_depth Value: 1%7C1640568387498
www.urbandictionary.com/	1970-01-19 23:42:50	Name: _sp_ses.5c9c Value: *
www.urbandictionary.com/	1970-01-20 17:14:00	Name: _sp_id.5c9c Value: 60125986-da15-4564-b5c6-e0ba5868bab5.1640568388.1.1640568388.1640568388.9c23d488-653d-482a-b796-6ea07512cca3
.quantserve.com/	1970-01-20 09:13:02	Name: mc Value: 61c91643-8b517-ffa83-04578
.urbandictionary.com/	1970-01-20 17:14:00	Name: _ga Value: GA1.2.1599655245.1640568388
.urbandictionary.com/	1970-01-19 23:44:14	Name: _gid Value: GA1.2.761068952.1640568388
www.urbandictionary.com/	1970-01-20 00:26:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
.urbandictionary.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .urbandictionary.com
.urbandictionary.com/	1970-01-20 17:14:00	Name: _lc2_fpi Value: 7b1bfe6a19f7--01fqwqxy2w38z9mjq37dmtjmcx
.urbandictionary.com/	1970-01-20 00:26:00	Name: _pubcid Value: 78e57d15-dd1e-46ae-98a1-7869c20eb5ce
.urbandictionary.com/	1970-01-20 09:07:17	Name: __qca Value: P0-1198160337-1640568387534
.scorecardresearch.com/	1970-01-20 16:59:36	Name: UID Value: 1YPRJSIBY4GPBUAMHDRNKRg1640568388
.www.urbandictionary.com/	1970-01-20 08:28:24	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Dec+27+2021+01%3A26%3A27+GMT%2B0000+(GMT)&version=6.2.0&landingPath=https%3A%2F%2Fwww.urbandictionary.com%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1&hosts=&legInt=
www.urbandictionary.com/	1970-01-20 09:04:24	Name: cto_bidid Value: oVBKu19GU1BMJTJGaGpzN0l2NnNucWFuMUg1dU1QbFFUejVsTyUyQkFKb1UxdTYlMkJZR0JhUjVqQ1JXQmtkMyUyQm9lOG1DbFZQWlBmQTVNNjlQamclMkJ3Z1hyJTJGR1BQeWxwQSUzRCUzRA
www.urbandictionary.com/	1970-01-20 09:04:24	Name: cto_bundle Value: -1FXa19OdHp1T01ZWUhVNElxcWlxOUc4Qm9FVE5veiUyRjNrZ0VYQ0NTcGtoY3RTZnNnRFZJdSUyQlBub294VWs5OEpWUGc5dDlPR0hPOFNBdUIwTFRTRnpNQUpHQWFJV1lmVXJjdk96MDVDckZQS3ZVVE5kYXpWSWlWJTJCYm5NMWtsaE5jVzJDaQ
.liadm.com/	1970-01-20 17:14:00	Name: lidid Value: bbd7a7c9-b321-405b-a26f-7e9a8e10bc84
.britepool.com/	1970-01-20 00:47:36	Name: _temp_bpid_ Value: bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0
e.serverbid.com/	1970-01-20 08:28:24	Name: azk Value: ue1-sb1-f75d3932-d4c9-4bd9-ad42-f88769652671
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxptHvrzPAh1r4P5O2ziQ6qdYLyMi4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxgmzGqqEKVXU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 08:28:24	Name: khaos Value: KXO026D2-15-3AUY
.rubiconproject.com/	1970-01-20 08:28:24	Name: audit Value: 1\|vAET2ryzqEFCCs/Q/2ZTkD5APvdogVCbaTd6KyMQnat7y9GyzaExIVdKRJYRbBLuXBDlsd//l3ul+Bh5uqkXJBYvK+dfzFwRJhsHlJbldDcubovSvF9uuw==
.3lift.com/	1970-01-20 01:52:24	Name: tluid Value: 9634054160953369579
.pubmatic.com/	1970-01-20 01:52:24	Name: KADUSERCOOKIE Value: 350B745B-C7AE-4497-937B-9CBD22D89551
.pubmatic.com/	1970-01-20 01:52:24	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:44:14	Name: pi Value: 156796:2
.pubmatic.com/	1970-01-20 01:52:24	Name: DPSync3 Value: 1641772800%3A201_197_219%7C1640649600%3A174
.pubmatic.com/	1970-01-20 01:52:24	Name: SyncRTB3 Value: 1641772800%3A56_220_21_13_7_161
.casalemedia.com/	1970-01-20 01:52:24	Name: CMPS Value: 3271
.casalemedia.com/	1970-01-20 08:28:24	Name: CMID Value: YckWRZwlS.tA.TVA2RnE-gAA
.adnxs.com/	1970-01-20 01:52:24	Name: uuid2 Value: 7851095513005621819
.casalemedia.com/	1970-01-20 01:52:24	Name: CMPRO Value: 1204
.bing.com/	1970-01-20 09:04:24	Name: MUID Value: 1869BAC3B4E2620F28E1ABD9B53063B3
.simpli.fi/	1970-01-20 08:29:50	Name: suid Value: F0773C369512422CA412DB672A018B81
.mathtag.com/	1970-01-20 09:08:43	Name: uuid Value: d07061c9-1645-4a00-b232-e2ae32532fe8
.adform.net/	1970-01-20 00:27:26	Name: C Value: 1
.onaudience.com/	1970-01-20 08:28:24	Name: cookie Value: 2e600e5c7dd14c06
.onaudience.com/	1970-01-19 23:44:14	Name: done_redirects104 Value: 1
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 23:44:14	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2523:u=1:x=1:i=1640568389:t=1640654789:v=2:sig=AQEMbscMVXZZetuCFjVawjZVBwGXkPEn"
.de17a.com/	1970-01-20 08:21:12	Name: guid2 Value: 1.3341311249734111238
.adform.net/	1970-01-20 01:09:12	Name: uid Value: 5955457939755122757
.linkedin.com/	1970-01-20 17:14:42	Name: bcookie Value: "v=2&4794b91b-d2e1-468f-827b-2a7c0eef02d9"
.linkedin.com/	1970-01-20 17:01:17	Name: li_gc Value: MTswOzE2NDA1NjgzODk7MjswMjEr8dh4ZEVb+Xo17KfVLpJvZAQhshf1DvjN58b6X3WFZg==
.doubleclick.net/	1970-01-20 09:04:24	Name: IDE Value: AHWqTUkchfLtO-WXM_cCrplnQnWDXg2Frwu84HYfm0OwG3YE59KVwg8JBaJslWrP_UU
.pubmatic.com/	1970-01-20 00:26:00	Name: KRTBCOOKIE_336 Value: 5844-3341311249734111238
.pubmatic.com/	1970-01-20 01:52:24	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:26:00	Name: KRTBCOOKIE_80 Value: 22987-CAESEA3iksR9QnR7BWWBqUCQTeY&KRTB&16514-CAESEA3iksR9QnR7BWWBqUCQTeY&KRTB&23025-CAESEA3iksR9QnR7BWWBqUCQTeY
.pubmatic.com/	1970-01-20 00:26:00	Name: KRTBCOOKIE_27 Value: 16735-uid:d07061c9-1645-4a00-b232-e2ae32532fe8&KRTB&16736-uid:d07061c9-1645-4a00-b232-e2ae32532fe8&KRTB&23019-uid:d07061c9-1645-4a00-b232-e2ae32532fe8&KRTB&23114-uid:d07061c9-1645-4a00-b232-e2ae32532fe8
.pubmatic.com/	1970-01-20 00:26:00	Name: KRTBCOOKIE_391 Value: 22924-5955457939755122757&KRTB&23263-5955457939755122757
.pubmatic.com/	1970-01-20 00:26:00	Name: PugT Value: 1640568388
.mathtag.com/	1970-01-20 00:26:00	Name: mt_mop Value: 9:1640568389
.crwdcntrl.net/	1970-01-20 06:11:35	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:11:35	Name: _cc_id Value: 61a777059d243ce2766c4babc72e3e5a
.crwdcntrl.net/	1970-01-20 06:11:36	Name: _cc_cc Value: "ACZ4XmNQMDNMNDc3NzC1TDEyMU5ONTI3M0s2SUpMSjY3SjVONU1kAILEk2KuIBoKAEnRCmY%3D"
.crwdcntrl.net/	1970-01-20 06:11:36	Name: _cc_aud Value: "ABR4XmNgYGBIPCnmCqSgAAATlAGG"
.acuityplatform.com/	1970-01-20 08:28:24	Name: auid Value: 634835032505
.acuityplatform.com/	1970-01-20 08:28:24	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPn4vb3uOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT5+L297jo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
ads.stickyadstv.com/	1970-01-20 00:26:00	Name: UID Value: 916544337193fe3baed0a1742f811cc2
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 9c4a55cce456f2a3b8653a57775c36f0
ads.stickyadstv.com/	1970-01-20 00:26:00	Name: uid-bp-34673 Value: YckWRZwlS.tA.TVA2RnE-gAA&1204
.onaudience.com/	1970-01-19 23:44:14	Name: done_redirects147 Value: 1
.advertising.com/	1970-01-20 08:29:50	Name: APID Value: UP0471dc94-66b4-11ec-a82d-0203314ef094
.urbandictionary.com/	1970-01-20 09:04:24	Name: __gads Value: ID=7fcd3dc3ef7aec15:T=1640568389:S=ALNI_MZ-yZhImORRx1OXGtBdTzjj81_5Kw
.everesttech.net/	1970-01-20 08:28:24	Name: everest_g_v2 Value: g_surferid~YckWRQAA749dnQAF
.adsrvr.org/	1970-01-20 08:28:24	Name: TDID Value: 456b261a-6772-44d4-bdfe-6385b9439d94
beacon.lynx.cognitivlabs.com/	1970-01-20 08:28:24	Name: UID Value: 2446002a-8032-4cdb-9d07-bed53b35ef2b
beacon.lynx.cognitivlabs.com/	1970-01-20 08:28:24	Name: ss Value: Zyxb9vk4m%2FplZSnKaCDuNSix%2FL2EWTtaecn04pg3g5gdQbkb9iIZWpcEIfPdZ662aVUHqeAORPp8HBIb%2BMSVnw%3D%3D
www.urbandictionary.com/	1970-01-19 23:42:51	Name: _lr_retry_request Value: true
www.urbandictionary.com/	1970-01-20 00:26:00	Name: _lr_env_src_ats Value: false
sync.srv.stackadapt.com/	1970-01-20 08:28:24	Name: sa-user-id Value: s%3A0-d202834d-822c-4223-75f8-feb98a0023fe.VnqvitJfMz4T32FGRjK2ui9t5nbK3vY%2BgCSKU7%2BlP2k
.srv.stackadapt.com/	1970-01-20 08:28:24	Name: sa-user-id-v2 Value: s%3A0-d202834d-822c-4223-75f8-feb98a0023fe%24ip%24185.213.155.166.h7htxx9ORp5MZcdO7bvEkY62%2BKglf2zsKKNMCK7GSqo
.adsrvr.org/	1970-01-20 08:28:24	Name: TDCPM Value: CAEYBSABKAIyCwiSxZW91LikOhAFOAE.
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP0471dc94-66b4-11ec-a82d-0203314ef094
.yahoo.com/	1970-01-20 08:28:45	Name: A3 Value: d=AQABBEUWyWECEM9hIRegA9pwyFWjuRDk7R8FEgEBAQFnymHSYQAAAAAA_eMAAA&S=AQAAAlmLh5VlGqyvQy6Gp2QNxt4
.adform.net/	1970-01-19 23:52:53	Name: TPC Value: 1640568389964
.urbandictionary.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1640654789824
www.urbandictionary.com/	1970-01-20 00:26:00	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22456b261a-6772-44d4-bdfe-6385b9439d94%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-27T01%3A26%3A29%22%7D
.onaudience.com/	1970-01-19 23:44:14	Name: done_redirects219 Value: 1
.turn.com/	1970-01-20 04:02:00	Name: uid Value: 7962868175624140480
.zeotap.com/	1970-01-20 08:28:24	Name: zc Value: 7a2d47b5-2c92-406f-5426-4a80e51ab110
.zeotap.com/	1970-01-19 23:44:14	Name: zsc Value: 6%40%3D%90%06%0C%A1%8D%13%23g%B8%DB%22%E9%B3%2F%F03%A4%BF%1C5o%D0T%F6%93%CDE%06%D3%CE%C2%F1P%02%B8w%2391%A4%0F%A3%EBe%BF%03%5E%A1%7F%82%DD%BE%12%05%86f%8F%E5%94J%3Db%E0%EB%83+%1CZQ%02%BA%5B%C2%F9%AF%DE5%CE%2C%D5
.w55c.net/	1970-01-20 09:13:02	Name: wfivefivec Value: oF0iMr0b1N1EMu5
.w55c.net/	1970-01-20 00:26:00	Name: matchtriplelift Value: 5
.adfarm1.adition.com/	1970-01-20 01:52:24	Name: UserID1 Value: 7046187581903144168
.redintelligence.net/	1970-01-20 01:52:24	Name: 8lcfmzhxc8d6_uid Value: c2590807f4983fb7
.urbandictionary.com/	1970-01-19 23:42:51	Name: __li_idex_cache Value: %7B%22unifiedId%22%3A%229WLZ7V1ZhBaqzrN5vlVUHAR8kM4pCHUkyVNjgA%22%2C%22segments%22%3A%5B%5D%7D
www.urbandictionary.com/	1970-01-19 23:44:14	Name: pbjs_li_nonid Value: %7B%22unifiedId%22%3A%229WLZ7V1ZhBaqzrN5vlVUHAR8kM4pCHUkyVNjgA%22%2C%22segments%22%3A%5B%5D%7D
www.urbandictionary.com/	1970-01-20 01:52:24	Name: _autuserid2 Value: 7046187581903144168
.mfadsrvr.com/	1970-01-20 17:14:00	Name: tuuid Value: 4046931d-97d2-47b7-83b5-8b82791855f9
.mfadsrvr.com/	1970-01-20 17:14:00	Name: c Value: 1640568390
.mfadsrvr.com/	1970-01-20 17:14:00	Name: tuuid_lu Value: 1640568390
.mfadsrvr.com/	1970-01-20 17:14:00	Name: ssh Value: !triplelift,1640568390
.casalemedia.com/	1970-01-19 23:44:14	Name: CMST Value: YckWRWHJFkYA
.bidr.io/	1970-01-20 09:11:18	Name: bito Value: AAJ9cE7Dki0AAEGbwiCDSw
.bidr.io/	1970-01-20 09:11:18	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 01:52:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaOtBHYn!@wnfH8K6pQK`!5=E<L5?%M%8O^oldH<N]mIXhI4jboai970JC2]E0'3WF%nugO%v4VB%nmLq)pVJK
.mathtag.com/	1970-01-20 00:26:00	Name: mt_misc Value: mt_bt:1
.casalemedia.com/	1970-01-20 08:28:24	Name: CMRUM3 Value: 2761c916450b40&5861c9164505a0&e661c916452760&4961c9164505a0&c361c916452760av-53467a0e-216e-4b45-b675-5039ca23607d&0a61c916452760634835032505&7b61c9164527600gKDTYIsQiN1-P65igAj_rnVm6Y&f161c9164505a0&6f61c9164505a0&2d61c916462760CAESEGlXq2n2yFpRj0Ljf-58hT4
.creativecdn.com/	1970-01-20 08:28:24	Name: u Value: kbsWX51QyvTzy9vu2Kyx
.creativecdn.com/	1970-01-20 08:28:24	Name: ts Value: 1640568390
.ipredictive.com/	1970-01-20 08:28:24	Name: cu Value: 04edea56-66b4-11ec-b373-216702a4ec2c\|1640568390449
.medialead.de/	1970-01-20 08:28:24	Name: trscj Value: MTY0MDU2ODM5MHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRRM056TTFNekF3TURFeU1UWXhNVEF3TnpFd05Ua3lNREV4T0RJeE1ERTNKblE5YUhSc2NBPT18YUhSMGNITTZMeTlqWmprME5tRXhObUkyWkdNMVlqTmlNMkUzWmpneU1EZGhZemRqT1dFM09DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
.awin1.com/	1970-01-19 23:52:53	Name: awpv14098 Value: 296283\|1640568390\|04fc9010-66b4-11ec-a9fe-2263e4039ea6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.w55c.net/	1970-01-20 00:26:00	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 01:52:24	Name: d Value: EAgBEAGHJYENv6kw
.lijit.com/	1970-01-20 08:28:24	Name: ljt_reader Value: 93256ffb12fdf780af6aa9cd
.analytics.yahoo.com/	1970-01-20 08:29:50	Name: IDSYNC Value: "17ot~22bd:18wq~22bd"
.yahoo.com/	1970-01-19 23:44:14	Name: APIDTS Value: 1640568390
.travelaudience.com/	1970-01-20 09:13:02	Name: _tracker Value: %7B%22UUID%22%3A%224CE50994-2E10-40DB-B679-836E12DD49D9%22%7D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: j5jqkmboavxvyc1ae0dcmlio
pb.media01.eu/	1970-01-20 17:14:00	Name: DTU Value: D31CEBC3ED67D5323F3D8FD6F6F055DC
.realestate.com.au/	1970-01-25 20:29:45	Name: mid Value: 14359246641729256354
.pubmatic.com/	1970-01-20 00:26:00	Name: SPugT Value: 1640568390
.realestate.com.au/	1970-01-20 08:28:24	Name: External Value: %2FTRIPLELIFT%3D9634054160953369579%2F_EXP%3D1672104390%2F_exp%3D1672104391

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=bbb932dd-b0ad-4c3c-8c11-07739ec9e8e0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=c79tbChfp&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=n79tskhfp&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=r79tbCOfp&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=nNrabkOfM&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1327 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=9634054160953369579 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=9634054160953369579 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent= Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLROo30Xf8L0Rxf_SJaQEhCmLu-35nCIHSZhAyPbNVhpcHyJhCR9-eGV90VhQ4aDSwUK_9dWHbnGi8dojPlyJRxTW7OX4Q Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5261.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad-server.eu
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad13.adfarm1.adition.com
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
analytics.webgains.io
ap.lijit.com
api.britepool.com
api.btloader.com
api.rlcdn.com
api.urbandictionary.com
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.contentspread.net
cdn.cookielaw.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cf946a16b6dc5b3b3a7f8207ac7c9a78.safeframe.googlesyndication.com
clarium.global.ssl.fastly.net
click.udimg.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cookie-cdn.cookiepro.com
d5p.de17a.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.udimg.com
geolocation.onetrust.com
gift-connect-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hal900021.redintelligence.net
hal900027.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imagesrv.adition.com
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
media.giphy.com
medialead.de
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
protected-by.clarium.io
pv.medialead.de
px.ads.linkedin.com
px.britepool.com
res-a.akamaihd.net
rp.liadm.com
rp4.liadm.com
rtb.adentifi.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s1.adform.net
sasinator.realestate.com.au
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
t.pubmatic.com
tag.1rx.io
tags.mathtag.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
triplelift-match.dotomi.com
twemoji.maxcdn.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
urbandictionary-com.videoplayerhub.com
urbandictionary.com
us.creativecdn.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.urbandictionary.com
x.bidswitch.net
api.britepool.com
cm.g.doubleclick.net
sync.hgrtb.com
104.109.78.125
104.111.239.217
13.32.27.72
13.35.253.75
13.55.197.144
130.211.23.194
134.209.131.220
138.201.63.116
142.250.184.230
142.250.185.66
142.250.186.130
143.204.209.94
144.76.238.55
145.239.193.130
151.101.129.194
151.101.2.49
154.59.122.79
159.122.14.34
159.69.70.9
165.227.252.242
178.250.2.146
18.156.0.31
18.156.195.47
18.159.117.129
18.184.69.62
18.192.154.98
18.196.197.61
18.197.42.49
184.31.84.150
185.170.61.202
185.184.10.30
185.29.134.244
185.29.134.249
185.33.221.15
185.64.189.110
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.81
192.132.33.46
198.47.127.20
199.232.198.2
2.16.186.89
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
2.18.234.233
2.18.235.93
2.19.35.65
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.184
213.19.147.42
216.52.2.19
217.79.188.54
217.79.188.60
23.111.9.57
23.20.7.162
2600:1f18:730:b110:c4cb:f288:bc78:c53b
2600:9000:211e:d400:6:44e3:f8c0:93a1
2602:803:c001::200:194
2606:4700:10::6814:b944
2606:4700:10::ac43:db6
2606:4700:20::681a:68b
2606:4700:20::ac43:4513
2606:4700:3039::6815:c076
2606:4700:3039::6815:c079
2606:4700::6810:135e
2606:4700::6810:5714
2606:4700::6810:9540
2606:4700::6812:678
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4019:80c::2013
2a02:2638::1c
2a02:fa8:8806:13::1370
2a04:4e42:200::425
2a04:4e42:a00::207
2a05:d018:d29:3605:15eb:8f8e:fe0:229e
3.248.87.88
34.102.163.6
34.107.148.139
34.107.179.104
34.120.133.55
34.197.43.243
34.199.172.6
34.238.14.155
35.156.3.27
35.157.51.51
35.190.0.66
35.190.23.99
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.248
37.157.4.24
37.157.6.253
44.193.191.16
46.236.13.147
51.210.112.236
52.16.124.238
52.19.22.209
52.46.130.91
52.86.156.15
52.95.119.178
54.172.254.117
54.175.36.162
54.76.176.197
54.77.6.213
54.81.54.221
64.202.112.63
66.155.71.25
69.173.144.138
69.173.144.165
76.223.111.18
78.46.111.106
8.43.72.98
88.198.250.30
88.99.69.161
94.23.99.218
00b7b3e4dd39d512a1f08ef786856b720475af62051658af277c0cf357c99b1c
0176ce1f70de495ed4e8f40af8b6263f104c6796b1c25af7d9a169955a8b9d5d
041743565ed84cfbe2769b21e6498731b3c05678cb51ed8cc8cee208e5f907de
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06731437b93851a20c28a961aa9c1d2f5af314103be71640f74d89fac90d8e6c
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
086277042a04674a95dc3a57f66046ef70b8bb2337c8f9ef133f27a7540e3e3d
08823bb640a139685b7adf52d8041883aa4004a6cf890eafc2f65605dff2ef92
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09b6c25e51389cfe88a8dc892ccfc298f2db8f284613c564717f5e7aa22f0bfe
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0a6dba6be9fabace7b448e1f431cf5660a8e30028e895226b8e15f45eb7c13aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c07b5df9ce1c2b83014f44b8607e1e60cf9730a30240fcdaaeada1a63d103ff
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e0e5259e3ff8ea805e0c5660c6336f7f46b14332e3cafb82939e1db3da8b6f8
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
11f4d896d828c6a497b25b5c6bb3eff64e6fb9de8a60c4f2bf1f3739ffc16118
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1465ae8c2077abe2436d2e196b3ad677052e27523af6ec4740dbce18e85035e8
148e5dde391de40ea192a2ae2055879603a0d5a9f25b7b176f16693ee1516a21
15de584bc2971ae67049d2a9997f7aa7069243edaf645475a7682640968d0f94
17f8c38e578718cdd0fe840056e389717e8e7694e7a83a75eb28d4705ff60b55
185bd6adbe2e2cdd0934c564853b7903526b51a6fb75ba9443e8956d5392c48b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1872504536553a906534bf7decd822fa902fe07a0133bfbc99ac2b9be6d3f427
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
19fcb061c321a980bfbfe07037524dd4f0476c1971d6bbbeb1bb76d56660e94a
1a61e839600d86181b846ec06ce33c6729062dde0f755a16ddb640445302f950
1b439b7fa6572b659fbef161d8946372f472ef8e7169db1e47d21c91b410b918
1b98066a9186221b5008ac5dda12ea40c2cc1c0362715ebd871ae046b60ebdee
1bda28610742ab75071b05da88f5c6f2366f25085ff90c4d771b3e7814973198
1c89db4b2886d91bf58decbae0593a2a3f327c196f2fe2ce8df17363eb4b9c2a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf39622a056725a42e0541d2dcb6f2975fd1dff4d8fa470d1df908685b86cd1
1d5f9db72b5578f215d3d6db952260c149fb70fd3dceeaf62cb89dcea9bb0b4f
1e5983fa4d2be2eac40981cf1b0df95075835a7755d95449835ad1ab42203544
1e6d3d4383e92055d93d26bb2d6006eda8839f57ea54c60b29e2e1ce2e40528e
203a6d58f606a50f84d9e7509720bf42116be9c4c967e8a5d8a9e4316545f043
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
243d70f43a15541e81882d53fc506e0d6d7360c7f9f88046ee80db70174bb5c1
24df5dd16a5c35013e04387d68e88f912f5d4d2195c02e4f39a204868464f313
260039b6e6461a5069054c7d945d6421f59f2d8d50158f12adf68cae6625293d
298a49884af0d3488fc30e1d88878c7dbe1c0a07d17f6d9d64a15f854cc6cd78
299a84d4324c9776dcf0b8607389564103aab7b2176e98189bd3c767f0f792f7
29bb4b6b99538e3dcdd0f9ef0b22adee10a953436e86b7cf91f7d836a3d336d3
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d73ef8e8aaf61183ad486f81ca65fb1c9e9bdbf764d4133b12ef317dfa04d51
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea38f80cb6b2d993ea70538532bb5cd116038229cd2f91ec3a038bd2efd92ca
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2faab8affbe7463d637cec1087e0ce8d721338678132fc82f3cfe7d9cc31062a
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2fffa17e889bf55d0fd9fcd1dee7ae7044298ed8e7ea69c480ab9a1b1a3c1961
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
333a73d1f3e666294912d87eae75efbaeebaa5f67b197a2fff9123c35532733d
339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c
358b728e852cf39a6b55c9eb0a70aa7790e8ca39eff99669bf35b7a2cf7243d3
36273c33da1748d907aa37106ef3086062f648a466d0f2a807ae5163e8f3a823
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
384077c43dddcfdb3603b90d581812b40859fe7e69bcdd46e147fb30111cb048
39e0bcfc32461ddf29132144172891496436a1c8eef9830f7795ca89c43b4462
3aaf3ac542301cf81ff6104045bdcd1433b927145c8950012feed8efca1c9c54
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3efa652802615e33622d9ee6eee31f63db17602f1ef0f8a533ce0c58b3fb8114
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a0f5dd67c3872993adfee2988cbe160cad5c07631da96b4a5bc6ca7f4a2eea
411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5
43f5e335ca9eba391f49f36fa3f4fb02cdc98ecbaa7ef8343fcabceae6a54f27
46fc99f79ddbf8ae97a2d6d4c95d0d9992abfb8caa993efbfddab0cee7a65f08
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49886c0376bcfa5026073ce6314b2ad027338fde567cde729c3427fe2db77a69
49a86c59b86563d06a25ecdf34ff617c6b8dff04a81798418d9dc02c77c51314
4a9feaf0a180486f3fa92e50aefb98ad100b3453efbc98170b88cef56efe2d02
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
531d05a912c78d430f454775194e350f60330620c42513073cd84ac700077dc2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556c70de22653ea4c61432d9b4661c897ebc7df8416cf69070f580a7fc5792cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aee3023dfde97304bc75d49ec863cdaac91659665d1ac08daed95e29d59afa
55d1549700c6a6582ea11b81f65462c69d4314a161962264e1ac81dcacf8e221
597493b4a8767f74b1392b10e164426ffe9c11949b209bfecb3596a03ad00e09
59a9fd5d93c0b214c527cbc7d807c444f3cde5f6ffe12e5dd7d9ccda75c9fd3e
5f5cb993a0d38717b49cd64e977fff7338fc7f47c97760d256366b873ac9275e
5fb81d5d6ba2272f4f3dcc86348a859920be63199f98f082a073144cdbfdf725
614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dfe992f48c3ae7c1b6b12225a2a16e80177a3bdec3ae9064b012fad19166ac
632dbf79906663d624f02e07c694aea26ea7af45d693cc1391dbbd679512e0f0
643957ecf716a2bcba9104704e5ab7423fe1dbcf892bae2aa6036db40f11f738
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a692561d1c4b19376746bfa12edbc335b222f0e0af8556df547302d6f5a2822
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6b8ee02bddec67b4e38863e28da563f65c682459773ba2a0800a839bc98755e7
6ea3397749fc6b873d51573b1121abfd8ece9b6727ebacbea870605ce5ba5d38
6ea55309b41249727d51da7543ae1ccb4c50e883ec85e27d3c1ece612fec9dd5
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
710237d7476dc2ac8494a9b0530bb2e6822f045dc661eb5364c81de1f996107f
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
728c9a9952347dce2efe7452438e76d72e5107dd92395febd377e146fa464cf4
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
72f70f5404f95af014f9497b4a34612f37e24f98f7844c3d42392633c116bba9
73eb8d310f0e297aec595be28406cedaf20e9243b8ac5fdcabd3139450f5d53f
772767f8cc04b25657a494a2a5aca873aede7c06b52bbd460222beedd917b1df
7792e1c9ac3133653260cc659a5cf19ffe50f4512e993a506308ee2d3211f858
77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f
8554834885c022b9ae43216d18490e5f390a18a1aabac694b38752ded8a92733
856fb62eb0cec024187dafc2edcd7097c9c74633f4de9444660c6b0e19119b98
876bbf0a2b842a8cbb5cb24dbc1074ba204d7735af3c5469d3570d8b52ac8b7a
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8801fd6b018fa8b0c6fa01c0e7838c184b64df6557c97baeb0d9041bdf657083
8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
947a09f5ce3555232293442b48c046261494fe79dab3a4bbf77e06ade1020265
955508e747dcd797570bace5a506277a6895660c637947ee4fcf69657b85a816
9799371c6c23216b2db8bdd20c40dd17518a4987169b0e997753b33563c2cc34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3f7144e808cdb189d4581b80d2f7e9cfdf112e39f429c190a3c23ff2f19b9b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2f264b8c8fb7285328fae69dab5ddb6a6e96b602891ea275e6adcc415359f4
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
9f0d42fa5021590be879fc17d3cb58b1768cc8d45919f82bea63eff24b5796f8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03821969dec51515aef904c96b7b22223902779dd85f97251559b15d66fc503
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a1c43f0c5f7b237c1a9bcb74a11600939ca5a8e74ee02dd01ca0a2b2a331d1cf
a21998523667aa9d043e52cc2b6de4db33f4a37adc32ed85a73f219615609a30
a23b6379de12cc2615f3376d784dff35a611a05365ae6c901b7829a72439a6b9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28d5bb2dfe3df501f9ada7611a9064d9b5dbdf0cec09c465d3409b1aa8af422
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d90042ab77d822ee4e9377a6c76afc335ad9d30d8c952f848d1f87b1e07124
a5d9bb5c1067545ab7bc5ec13a1bf70b5e58d858343a06bcef6b6dd74dfa935c
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e55552dd1b8c30e6a33515512cda29a22a628d75d6445e6647f6a9124aac2e
a84e0b2e52705c216f3a7b4c08da32f3b8abeed4948c4813fb0716c3c93a941c
aaa760d81f2d3f708d8b28f8e26254a137133de6c51a8439242f2403e4e3fd3e
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
acc1ca755792e32aa69e909064b90362857fb423614b62ee7ea99af20aeeaa3d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf64df29b2293a9f317def20b93fabecf86f22fd434c082056fc5675f4a5f70
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41186bb7937c339619e3598cdda08866874dc40627689f7526954effce24f63
b7334ff3a363a292147229f5de0a7068842a9eb81b47514c820492772824bef7
b7bcbe4eeca65d8f0b8de5ca42f38800fe21202fa3387e69ce319b5ccee750ef
bab2c4f074cec2704d21d736d3bbb3837e39bc38cfc2db07ec7966c68f1b88b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bee61bc00e3070d85567df780c08914b861333b11d74f9ae034b7ba2317580d6
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c41393a4ae0832a7169e4f3b80b0dbbd25444141eacd7920f80c59fa093c93f6
c4e1ef5b8a05b1734d1ecf6c8ff1d45746381423aa24ab4220ce6793ce1aa7e0
c60a61732841bead09d6801d940efd42964503d476d620ff3e009c5146d495b8
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71704461d36379165b4b265df85892d3a482815d2843f3d7f9a094ca573b615
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c86d9eefc9313a8a8f902e2ff7c971f1684eb0d8318085237180abfdd583ffed
c8f1fcb43e1d166a76248462ef363e20e96044c8e4b565553a84e873724b7b4a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cab36f9b41731db38b485e3734fc715b3ee3c4ba8dbbea49c0268257305516f0
cb5ad41e1a672ce7b05978fea4976dd4bb4f4e74059194f9301365f319015e9b
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc97afe5e5a8af01acdf4b1fcb68f86cdc7c6296a7cf15f9f5ddf1539a0c42a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf89425da46ed27924fc942d16912642c30c8aa09fd1c45980edd049491aedb2
cfeff20b62259ddc3f161bc87acb595b9f565e7a5dcb94e97578d91260224210
d0a0a94ad4f9c90d139c619d2d4db0ee85d63b39d7c856f127d432467b7b365d
d421db3f1a99d2dcc188359dc347da043170c8f56f899e97f76fa0a2fa37feb6
d52d1c737ccf46ce4597f44d77440b396122e0ac4eb0868bfe63dd97cd5fea55
d5823f6f8f29021b5700ffaf97edb6e0b929b3bc4ec364c20127498ff23374a1
d680c559bfc3623cf68413feff5c1ca69374f1d313def9f674a01869f4d7af25
d68932ece8eb0d862ad487b7494ed099ea690dcaf6f0cf5a599ab8994d3f7ef6
d7d6ba4fd0c5f1f25ce38467a2a231fc0ff5fee0d23dca8f1781d741380e4064
d8625de52840994c5e58be87bf9c157829c5689dc054ec6a2402e89d7b7a39f1
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d96b28f40ec76b63ec65ef0e1a28bd714c82391efc4c968ea0d6561f8ac20c66
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
deee94b6bae2b88ae952755415c0bb34a56c29c0da375ce2090ab880ac8df973
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e286a59bebbbd432549e87c5cc38b2e900440cdc616d4b4286611e59bbdb9c61
e2ccc9c8ea94440590d3398b6b7e69df145f34787bf9a915e3a9cbf920b108ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46c0a900716a463eadee0338a05548ced6a084199d066229426d42b9273d263
e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2
e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf
e735dd34ecd465da6008b63e4006611a487b8de11d057a5e18f1220e9c694eb0
e992e4a930bdca4151aff4635515d50cc4a1752f2fc62b560d2d403201db010f
eabe49325f664d9b3f39c4d10db423329aeb89639eb5842dbdf4396e484eee84
eb5490233911727fc6de6b0a4641fda9991756bf842204981f7eb0bbd6179c3e
eede9de1fe2b6044d7a53ea6bd804a2e40c249d9f1e3b8a055a1b41baeac64de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7572a19ba5927e9b49109e6fd11d6ca2bbb93f78179bc6d4921fff704ccda4
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1d6eacc207784c0eca390fb932e65580c75fc1c2d19ae064d219e906cc05315
f27226a8124728cfd13b4af5c10200a99cd62486354895740efbcc56ef4e0c07
f456cb90811b3ce528e781c6f05450cf60a9c157335ea081996727601627c1d1
f598dbe7a4ca3b66ffca0381976398ed82df1cd93476951fcf31286781ab6bce
f87bd576fcbe5e9fb3f76384b78da0f241eaa8ee4b5c7b1bf451a19e4995f8fd
f8a2a9a8910819e9dd33c9df27097653785db9423adea8d3c55927596292cd73
f90c11bb02739ecefdace8febb1bf28b08f5aca32729727722c36963a0f36954
fa151abc87b7ce7e8425d9e431ac66c27a8be7d71719e76d4cec932f38374819
fa168732edfde31e4e17a90abf88fc734967fae274b2422c3944a74df6201c30
fa4e09005d25c6c9ca0ca08156258261a834729669dc98b8e1780de7f46028a2
fb38d35231518cb883bcaf98214930b304470aba76a545666bdf8bb533c0f65c
fbc058e52f83414e86ec45a7698feafd009bffeffd2e11877e155a63f3acd4ae
fedb03c2e9347c6968d1a7e54d6dbdefbf2adbdc6bcc3d7b37522a370cdac968
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.urbandictionary.com Open in urlscan Pro 2a04:4e42:200::425 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

535 Requests

80 %HTTPS

25 %IPv6

89 Domains

143 Subdomains

106 IPs

12 Countries

3246 kBTransfer

8113 kBSize

119 Cookies

42 Outgoing links

Page URL History

Redirected requests

535 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.urbandictionary.com Open in urlscan Pro
2a04:4e42:200::425 Public Scan

Screenshot
Live screenshot

Full Image

535
Requests

80 %
HTTPS

25 %
IPv6

89
Domains

143
Subdomains

106
IPs

12
Countries

3246 kB
Transfer

8113 kB
Size

119
Cookies

535 HTTP transactions
15 data transactions