www.rinkworks.com Open in urlscan Pro
50.116.23.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.rinkworks.com/brainfood/c/logi.shtml
Submission: On October 07 via manual (October 7th 2021, 1:43:16 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 30 domains to perform 131 HTTP transactions. The main IP is 50.116.23.195, located in Richardson, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.rinkworks.com.

This is the only time www.rinkworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	50.116.23.195 50.116.23.195	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2606:4700::68... 2606:4700::6812:517	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.186.112 2.16.186.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11 49	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:fe0... 2a02:26f0:fe00:48c::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:fe0... 2a02:26f0:fe00:4a5::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	213.254.244.17 213.254.244.17	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
13	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	52.59.77.57 52.59.77.57	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.19.186.105 52.19.186.105	16509 (AMAZON-02) (AMAZON-02)
1	34.255.169.92 34.255.169.92	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	35.176.195.187 35.176.195.187	16509 (AMAZON-02) (AMAZON-02)
1 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	188.65.124.38 188.65.124.38	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:445b:901:5dde:90cc:842c:e1f	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
131	32

4 50.116.23.195 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li429-195.members.linode.com

www.rinkworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:517 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-112.deploy.static.akamaitechnologies.com

cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2606:4700::6812:c05 (United States) 11 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:fe00:48c::4469 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fe00:4a5::4469 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.17 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20524.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20525.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

direct.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

ads.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.77.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-77-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.186.105 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-105.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.169.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-169-92.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.195.187 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.65.124.38 (L'Haÿ-les-Roses, France) 1 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: icscale-01-pub-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:901:5dde:90cc:842c:e1f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	tribalfusion.com 11 redirects a.tribalfusion.com cdnx.tribalfusion.com s.tribalfusion.com	68 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	310 KB
15	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20524.doubleverify.com tps20525.doubleverify.com	38 KB
13	cloudflareinsights.com static.cloudflareinsights.com	66 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	53 KB
5	gstatic.com www.gstatic.com p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com	15 KB
5	google.com adservice.google.com www.google.com	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com simage2.pubmatic.com	2 KB
4	openx.net 3 redirects us-u.openx.net rtb.openx.net	1 KB
4	google.de adservice.google.de	1 KB
4	rinkworks.com www.rinkworks.com	13 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	dmxleo.com 1 redirects public-prod-dspcookiematching.dmxleo.com	438 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com	699 B
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	advertising.com 2 redirects pixel.advertising.com	693 B
2	dotomi.com direct.ad.cpe.dotomi.com ads.dotomi.com	62 KB
2	exponential.com tags.expo9.exponential.com	29 KB
1	innovid.com ag.innovid.com	297 B
1	mookie1.com odr.mookie1.com	609 B
1	quantserve.com cms.quantserve.com	464 B
1	googletagservices.com www.googletagservices.com	38 KB
1	agkn.com 1 redirects aa.agkn.com	338 B
1	bluekai.com 1 redirects tags.bluekai.com	677 B
1	krxd.net beacon.krxd.net	338 B
1	googleadservices.com partner.googleadservices.com	659 B
1	fastclick.net cdn.fastclick.net	4 KB
131	30

	Domain	Requested by
42	a.tribalfusion.com	8 redirects tags.expo9.exponential.com www.rinkworks.com a.tribalfusion.com static.cloudflareinsights.com
13	static.cloudflareinsights.com	a.tribalfusion.com
10	pagead2.googlesyndication.com	www.rinkworks.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	s.tribalfusion.com	3 redirects a.tribalfusion.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	cdn.doubleverify.com	a.tribalfusion.com cdn.doubleverify.com www.rinkworks.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	www.rinkworks.com	www.rinkworks.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	tps20525.doubleverify.com	cdn.doubleverify.com
3	us-u.openx.net	2 redirects a.tribalfusion.com
3	tps20524.doubleverify.com	cdn.doubleverify.com
2	p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.search.spotxchange.com	2 redirects
2	public-prod-dspcookiematching.dmxleo.com	1 redirects a.tribalfusion.com
2	pixel.rubiconproject.com	1 redirects a.tribalfusion.com
2	dsum-sec.casalemedia.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	cdnx.tribalfusion.com	www.rinkworks.com a.tribalfusion.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
2	tags.expo9.exponential.com	www.rinkworks.com cdn.doubleverify.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	rtb.openx.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	ads.yahoo.com	a.tribalfusion.com
1	simage2.pubmatic.com	1 redirects
1	aa.agkn.com	1 redirects
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net	a.tribalfusion.com
1	ads.dotomi.com	www.rinkworks.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	direct.ad.cpe.dotomi.com	cdn.fastclick.net
1	cdn.fastclick.net	www.rinkworks.com
131	44

This site contains links to these domains. Also see Links.

Domain
a.tribalfusion.com
www.internetalerts.org

Subject Issuer	Validity	Valid
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 30 frames:

Primary Page: http://www.rinkworks.com/brainfood/c/logi.shtml
Frame ID: 7EE43BE1D7409B45C643CD3084B8F1A8
Requests: 42 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: E2672521C7C5004FA2443EE219B1CF89
Requests: 1 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-match6.js
Frame ID: 4889A7789B018D123728F771F30C150A
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a0mTo6pdEv36YR4Vb7Tc3aUcJjPAMwTWM3UUZbS2UAuVEvwVqQlPTMLQcZbBPFumPWfcWGr54bevmtit0qmu4tnFPG7A2A3HmtayUdQcYrfa1UJ71a6pRFrZbUbBXTtQ4oFJxPrFpYEvy5aUk4Ef2mabB1rFcWtbPmPbDpGvwoWfD5EQ72Wmp5AFKnbrJ0GM0XVJ51VnwnT7R2UYQTFnZcUA7TPrB03UQGpE65Za6&mediaDataID=6347136&mediaName=frame.html
Frame ID: 542F033080DB5369DEA2D7A065211A7A
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a1mU0h3A7ZbprMLXsbQXsr5XGBMmarU2FM2VbBZbVmMTQqnRQGUMPtfxYHbxVPbw4cJ5XF3DTPau4AU6R6bB4HYr1WUZapW6o3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSGFBPbumSHUaVcbT2FuootZaqXayp2dYZaQVbG2ABHotXsVWJhXUf91U7j1aurSUMZbUrB2TH3YobZbpPFFoYqny3TUa2a7Ytq7pHhpJ6c&mediaDataID=5578346&mediaName=frame.html
Frame ID: 85C1B577AACD05B01D2F6CAD6F6AC4C9
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ60rM81FUgXaAmPrQATUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmEMB1b39UWjXm67DnVvomHnC5TYh2tao3mBGpbYEYsfWXsF2XGFwnEBS5Fv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2O4mMT4cbdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3Nx7hlWU&mediaDataID=6546596&mediaName=frame.html
Frame ID: 998BE808B7C8FAD64B007865E2EE4D79
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr6TGMcVcFhPPnmTWZbVUbFP3FixVEnvWa3iQqYFRVjZaRFawRt7bUGjU4UmxmHyMXamx4dMESV7G5m3LmWeyVHjhYUf9XFYfXaIsSbYATbMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vLpFvIYs3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcs3X47x&mediaDataID=6807466&mediaName=frame.html
Frame ID: 30165CC296980D09E4C3610676DAE709
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a4mTo6prMZd0GnPYGnT1cnupTfU2bnPTrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2GB20FFJT6yw4mFgPmbC4WUqXHUKmdIN3PZbY3cQgUVJ6VsMePPQwUHQWUUBP3U2pUqrmTaQlQqnISVjCPFupRdf8WcMV2FmqoWitXaan4dMZdQVrG2mUHpHXrUWJ9Ybv91UZb91TuqSrBGUUY5WtU0orQxRUrNYr7tSdJ5tF79rf&mediaDataID=2713736&mediaName=frame.html
Frame ID: D93057FA8940BF3538401972C2AF4881
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnb1FBg0aaqPbMATUrYWtnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4AjKpFjE0VU0XVF11VvxpTFU3FQSWFZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4cM7VsY6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvqRsUDX&mediaDataID=6530936&mediaName=frame.html
Frame ID: FF7EE284A0759CF86CA8631EA6006003
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQcWcb7P6nxWdvUUUZbR2bauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdZamVHZbh0rUkXbYk1qqtPbYETFJYWWrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbLXsQWYcZb1XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDuLlIEL&mediaDataID=4056396&mediaName=frame.html
Frame ID: 3A80A2507B8CF7303DA21CFCAC3FC0B5
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a7mTo60GnQ1c35XVfypErW5UrPTUFAWPYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWYLptIu46UU3crgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTQcSaYFSs7ZdPrEvRt7cWsjQ4ruoodam0Emx2tfZbSGjZa46JZbmdEyUtQdYF36XbQkXa6MSUFETFJXVtQ1nrZbsRUrN1EFy5bnlRWMfNaMoZc7&mediaDataID=7665496&mediaName=frame.html
Frame ID: 78C152F02D59FF64162F15EBE1F3004D
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbgRPMOTtJTWrF33rZanVaUvVqviPa3FRcFBPU6vSH38Ucv24r6ootyrXaup2HjZbQVjE2mQZamtZasUWFd0rMk1Fb91TqmSrJHWUQ5VWM3mbjxPbrr1E3r3aZba4EQ5mTBIYFU9UdrVmmnIpGnrmtnB3TB95teN5PvZaprvEYcfTXVU11sjypTj42bJUWUvFWAvXQEv2ScZbMStUr1G3p0SvIv6LQRh&mediaDataID=5436426&mediaName=frame.html
Frame ID: 897084A2951C5A2A7E6B5B25F32F0E0A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3557669583&adf=1663281734&w=728&lmt=1633614191&channel=2246335018%209065640222&format=728x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191241&bpp=12&bdt=1713&idt=104&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=6914367198100&frm=20&pv=2&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=109&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hlEuQxCCiI&p=http%3A//www.rinkworks.com&dtd=120
Frame ID: C665D975523E1BE7BB4F5DD71DD98743
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3749866806&adf=1008303532&w=468&lmt=1633614191&channel=2246335018%209065640222&format=468x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191367&bpp=7&bdt=1840&idt=7&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gHMQ6nevPa&p=http%3A//www.rinkworks.com&dtd=10
Frame ID: E8F7935403D46128132B2926F80BA8F3
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: D742CB1590D73CCEAADB65034F929865
Requests: 1 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-match6.js
Frame ID: 3DEA9238B2654F99676A7A5D337801D5
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ9YFn71FZbgXayqSUvFTUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmaMB1b39UWjXm67DnVvomHnC5TYh2tyq3PfGpbYEYsfWXsF2XGFNpajW5bv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2m5mM03GvdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3NuFG7bZc&mediaDataID=9148826&mediaName=frame.html
Frame ID: C542A68F7BD72B20374C2B951B9DF9D6
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr9VsY7WsJhPPJuTHvWTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4dMESV7G5mFZbmtayVHjhYUf9XFYfXaIrRUrCUrMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vFnFrGYV3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcvR3Xur&mediaDataID=8039566&mediaName=frame.html
Frame ID: C555269A11F1FEEDFA438D2883608F72
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4ArZapb3E0VU0XVF11VvxpTFU2FMRVbZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4sreUcr6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvx2X2O0&mediaDataID=6719746&mediaName=frame.html
Frame ID: 4D292D31E69498F9C3278556DDFE0DEE
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html
Frame ID: E98E7C541BB1C371457A130F000D8652
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=90&adk=1995636810&adf=1180108593&w=200&lmt=1633614191&channel=2246335018%209065640222&format=200x90_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191936&bpp=3&bdt=2408&idt=3&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=937&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eeW0zg1Z0F&p=http%3A//www.rinkworks.com&dtd=7
Frame ID: 3DBDDE864967337163557063B89D00D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Frame ID: 63A1B78EDA6474CE346F70CAB7779CEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&adk=1812271804&adf=3025194257&lmt=1633614192&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=2246335018%209065640222&format=0x0&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&ea=0&flash=0&pra=7&wgl=1&dt=1633614192551&bpp=1&bdt=3024&idt=1&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s%2C200x90_0ads_al_s&nras=1&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=14
Frame ID: 1D23AB69F2BCDDEDAED81E21DBC47F1B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F488893C8200090047E0FD855C2D1E36
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BCD1D4AED115470129F3FBF2F3EB70B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Frame ID: 58CA75D75423F1937F1A3B700FEC5A56
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 18D924667655475080CEC095D8D14596
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7094AACC81D6595C64854B4635618D88
Requests: 9 HTTP requests in this frame

Frame: https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 1D060BC3F3F70A1609B9708647FB837C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js
Frame ID: 206443E755C1D516749926B1E90EB935
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Brain Food: Logi-Numbers

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

131
Requests

62 %
HTTPS

49 %
IPv6

30
Domains

44
Subdomains

32
IPs

7
Countries

697 kB
Transfer

1682 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://a.tribalfusion.com/h.click/aAmUoeTFfFUAv1PqnXSVrqStjw0dZbqTm3p2c3X0b3IVmXt4mMhPmMG2WrM1WnZapdau4AMQ5sjaTsM8Wcj8RAYmUH3QTUZb12r2rVTvrTaQlQEBZdQVJCPrZarPtjcVcbT2Fyxmt6yXaew3dQHPsrH2mQZcmt6tTHFhXbUjYFJfXTyMSb3ZcWUJXTtQWmFQsRUZbtXaJp5a7a4E73oafG1bJ7UWZbTmm3BpG7wmHfC0aQ0ygjxh7/http://www.cidi.org/NepalRelief?utm_medium=banner&utm_source=exponential&utm_campaign=adcouncil&utm_content=nepal

Search URL Search Domain Scan URL

URL: https://www.internetalerts.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e30095c3-a4f6-4a0b-a2c4-625ab35ea4ab HTTP 302
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e30095c3-a4f6-4a0b-a2c4-625ab35ea4ab HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662307738051920

Request Chain 39

https://pixel.advertising.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&apid=UP8359c292-2774-11ec-83da-02a5fb3287ae HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&apid=UP8359c292-2774-11ec-83da-02a5fb3287ae&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae HTTP 302
https://s.tribalfusion.com/z/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae

Request Chain 41

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=89202911527399109383820841340399940051

Request Chain 43

https://a.tribalfusion.com/i.match?p=b22&u=18072662307738034791&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b22&u=18072662307738034791&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662307738051925

Request Chain 45

https://tags.bluekai.com/site/4229?id=18072662307738034791&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID HTTP 302
https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662307738034791&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662307738034791&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA HTTP 302
https://s.tribalfusion.com/z/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662307738034791 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0

Request Chain 51

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662307738034791 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=164880603932000223099

Request Chain 53

https://a.tribalfusion.com/i.match?p=b10&u=18072662307738034791&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b10&u=18072662307738034791&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662307738050214&expires=180

Request Chain 79

https://a.tribalfusion.com/i.match?p=b24&u=18072662307738034791&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662307738052621 HTTP 307
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662307738052621&cookieRequired=true

Request Chain 83

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662307738034791%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662307738034791%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662307738034791&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=0EA03DC6-1D13-4B95-8597-EB178F6A9CE2

Request Chain 85

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=83c6d638-2774-11ec-8b86-1384e0ef0406 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=83c6d5c7-2774-11ec-8b86-1384e0ef0406

Request Chain 122

https://rtb.openx.net/sync/dds?google_gid=CAESEC8dVqYwVLIGUK-VPcxE13Q&google_cver=1&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc&google_hm=NW1uQpgPyrsz65AKkplmLQ==

Request Chain 123

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMMdpEi4RFlPEQE47UuawiY&google_cver=1&google_push=AYg5qPKPnddH4uPNhD4AcOL-VU2FTxUBrEbw1avlo3KbmXvMk653zD7dbSo6Rqs-EOLKE3MxV9muIjmWqrH76C2s7yhQYEps1wc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DqA9xh0TS5WFl-sXj2qc4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPnddH4uPNhD4AcOL-VU2FTxUBrEbw1avlo3KbmXvMk653zD7dbSo6Rqs-EOLKE3MxV9muIjmWqrH76C2s7yhQYEps1wc

Request Chain 124

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJ4ZFcwR3YXMAdmNgeobnI&google_cver=1&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_YKKsGrpxYNkvAZ4fgz4rJ7-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VHWlBOMFQtMjYtQUIwTA==&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_YKKsGrpxYNkvAZ4fgz4rJ7-w

Request Chain 125

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1

131 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request logi.shtml Show response
www.rinkworks.com/brainfood/c/ 8 KB
3 KB 282ms
258ms Document
text/html 50.116.23.195
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li429-195.members.linode.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d4a734d6dbdfc354949ce2f9d9c960583e49097857c04f5144691f4f8c7ef5aa

Request headers

Host: www.rinkworks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2475
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK style.css
www.rinkworks.com/css/ 12 KB
3 KB 131ms
131ms Stylesheet
text/css 50.116.23.195
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinkworks.com/css/style.css
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li429-195.members.linode.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0edbf61cafea63fbb6ffb84a6478b6da11c5d114cf31fb78b91fba5743c59c61

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.rinkworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jul 2020 14:21:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3181-5a98a3c523b3a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2230

GET
H/1.1 200
OK brainfood.css
www.rinkworks.com/css/ 6 KB
2 KB 255ms
252ms Stylesheet
text/css 50.116.23.195
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinkworks.com/css/brainfood.css
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li429-195.members.linode.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 29c68c2bfedd788aa12170e21a7299910122b67df280d9c12820a8f79e9daaa1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.rinkworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Oct 2008 17:59:15 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "17dc-45834dbbd42c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1201

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/RinkWorks/ROS/ 59 KB
14 KB 223ms
210ms Script
application/x-javascript 2606:4700::6812:517
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:517 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64fbf9622c2c2ac1f3c95e3c56d062a2ae2d2604af7ca7a6e70d00f5f66e059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14135
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 2
ETag: 1465915661854892734
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, private
CF-RAY: 69a78e8ccf926909-FRA
Expires: Thu, 07 Oct 2021 14:43:09 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 114 KB
40 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50c0e3de1240eaf0867b34fdb9ee12e7563d11535f53e2b094473ff3ff8e3b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2460283662745924971
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40860
X-XSS-Protection: 0
Expires: Thu, 07 Oct 2021 13:43:09 GMT

GET
H/1.1 200
OK pzzlbnnr.gif
www.rinkworks.com/brainfood/im/ 6 KB
6 KB 128ms
128ms Image
image/gif 50.116.23.195
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rinkworks.com/brainfood/im/pzzlbnnr.gif
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li429-195.members.linode.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6b764ea77ba389516596888847e0fdb73dba3cdaff3b485d5f9b11b641965855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.rinkworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/brainfood/c/logi.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Last-Modified: Thu, 21 May 1998 00:49:11 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "18d6-32ea524bd4fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6358

GET
H/1.1 200
OK pubcode.min.js Show response
cdn.fastclick.net/js/adcodes/ 10 KB
4 KB 51ms
19ms Script
application/javascript 2.16.186.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.fastclick.net/js/adcodes/pubcode.min.js
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2.16.186.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 22:08:18 GMT
Server: Apache
ETag: "269f-5a7c214d0c865-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3788

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ 678 B
1 KB 188ms
177ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7822345132
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d099d1fec025d8af7d71db732c1b29e203ff4ee6525c0c71c1194cac60957bfa

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:09 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 330
X-Function: 153
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 3
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private
CF-RAY: 69a78e8e6c7b6958-FRA
Expires: Wed, 05 Jan 2022 13:43:09 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 6 KB
3 KB 174ms
174ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef236eb25a31efd2630a9df3a26c376d3e40caa488752360024d55967365b11

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:10 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2561
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 11
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 69a78e8f7edb6958-FRA
Expires: 0

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 76ms
13ms Script
application/javascript 2a02:26f0:fe00:48c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fe00:48c::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:25 GMT
Server: Microsoft-IIS/10.0
ETag: "e6262781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ 61 KB
19 KB 33ms
32ms Script
application/javascript 2a02:26f0:fe00:48c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fe00:48c::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:42 GMT
Server: Microsoft-IIS/10.0
ETag: "08bf9811a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame E267 1 KB
981 B 49ms
13ms Document
text/html 2a02:26f0:fe00:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fe00:4a5::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Content-Type: text/html
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 634
Cache-Control: max-age=46699
Date: Thu, 07 Oct 2021 13:43:10 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
1014 B 536ms
15ms Script
text/javascript 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_232017382193&jsTagObjCallback=__tagObject_callback_232017382193&num=6&ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&advid=&adsrv=&unit=728x90&isdvvid=&uid=232017382193&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=21&fec=22&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_232017382193
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 1e9051fc3da4d4338365016172225cc3456c954557693f0fe8e8a9dbec7d74f4

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Thu, 07 Oct 2021 13:43:10 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/6/2021 1:43:10 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 4889 4 KB
2 KB 25ms
22ms Script
application/javascript 2a02:26f0:fe00:48c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2a02:26f0:fe00:48c::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=52118
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

POST
H/1.1 200
OK bsevent.gif
tps20524.doubleverify.com/ 807 B
1 KB 665ms
15ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20524.doubleverify.com/bsevent.gif?impid=72145f1db1b5473a8e48bb40d6482ee1&dvp_or2=1&cbust=1633614190840482
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:11 PM

POST
H/1.1 200
OK bsevent.gif
tps20524.doubleverify.com/ 807 B
1 KB 665ms
16ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20524.doubleverify.com/bsevent.gif?impid=72145f1db1b5473a8e48bb40d6482ee1&vfdur=536&cbust=1633614190841872
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:11 PM

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ 59 KB
14 KB 199ms
179ms Script
application/x-javascript 2606:4700::6812:517
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:517 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09052d858b92b95d2609cecee50dcbe39561e1a37632cc44ccfba57ea61a2fd9

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14121
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 47
etag: 359443243770392154
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 69a78e94ef2d4a6d-FRA
expires: Thu, 07 Oct 2021 14:43:10 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 589 B
1 KB 177ms
177ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=728x90&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=3&adContainerId=richmedia_4&rnd=14119225
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211c99f43ef93e68c327dcbe3b04118a19dde26b69c99784f061d37d65b5d971

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 466
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 2
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 69a78e96184e6958-FRA
Expires: 0

GET
H/1.1 200
OK adc_ndr_nepal_728x90.gif
cdnx.tribalfusion.com/media/5268406/ 25 KB
26 KB 35ms
21ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/5268406/adc_ndr_nepal_728x90.gif
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
CF-Cache-Status: HIT
Age: 36172
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 25604
X-Function: 301
Last-Modified: Wed, 03 Jun 2015 15:22:10 GMT
Server: cloudflare
ETag: 1433344930
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 69a78e974f6a6933-FRA
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 542F 414 B
1 KB 179ms
179ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a0mTo6pdEv36YR4Vb7Tc3aUcJjPAMwTWM3UUZbS2UAuVEvwVqQlPTMLQcZbBPFumPWfcWGr54bevmtit0qmu4tnFPG7A2A3HmtayUdQcYrfa1UJ71a6pRFrZbUbBXTtQ4oFJxPrFpYEvy5aUk4Ef2mabB1rFcWtbPmPbDpGvwoWfD5EQ72Wmp5AFKnbrJ0GM0XVJ51VnwnT7R2UYQTFnZcUA7TPrB03UQGpE65Za6&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fd2ddd45d1827edb37595acbb8e0c587206048c245a9f5f32418d3d8c00611

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 4
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aMnpe3R3YWy7UXuTwb8yTGA9aqc01Jdj3RULFUUjYhWXTGeYdET4; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aMnpe3R3YWy7UXuTwb8yTGA9aqc01Jdj3RULFUUjYhWXTGeYdET4; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e973b326958-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 85C1 465 B
1 KB 180ms
176ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a1mU0h3A7ZbprMLXsbQXsr5XGBMmarU2FM2VbBZbVmMTQqnRQGUMPtfxYHbxVPbw4cJ5XF3DTPau4AU6R6bB4HYr1WUZapW6o3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSGFBPbumSHUaVcbT2FuootZaqXayp2dYZaQVbG2ABHotXsVWJhXUf91U7j1aurSUMZbUrB2TH3YobZbpPFFoYqny3TUa2a7Ytq7pHhpJ6c&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7594a9ae892fe5bd554d9d803b00d5f52c696fe23f2fb67f620ef03386c2e8db

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 3
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=a9npe3s2aFppAJs90Xc3aWLcP9JX5ZbaZc7A1wbT3iBZb4gnveYdhsh; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=a9npe3s2aFppAJs90Xc3aWLcP9JX5ZbaZc7A1wbT3iBZb4gnveYdhsh; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9748f64a7f-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 998B 582 B
1 KB 174ms
171ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ60rM81FUgXaAmPrQATUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmEMB1b39UWjXm67DnVvomHnC5TYh2tao3mBGpbYEYsfWXsF2XGFwnEBS5Fv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2O4mMT4cbdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3Nx7hlWU&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077652eca3bfdda0282d07f406c24283fc26baee59c9bf9e99c6b7bb045f4891

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 28
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=ahnpe3m5abnAyuoEVMDZdmnZcGXZbZbvGJikY3SKZbfyiMATJrReYdgNT; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=ahnpe3m5abnAyuoEVMDZdmnZcGXZbZbvGJikY3SKZbfyiMATJrReYdgNT; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e974c8a0ebb-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 3016 503 B
1 KB 180ms
177ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr6TGMcVcFhPPnmTWZbVUbFP3FixVEnvWa3iQqYFRVjZaRFawRt7bUGjU4UmxmHyMXamx4dMESV7G5m3LmWeyVHjhYUf9XFYfXaIsSbYATbMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vLpFvIYs3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcs3X47x&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c7c01c5ce917bd8f45e242b7792dc23e1af72b991096da70ee20f7c86f790d

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 4
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=ainpe3t3ern6AxvVDRaZcZapIHa2FfCm6i3x31TC4O7a0gFaeYdPuU; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=ainpe3t3ern6AxvVDRaZcZapIHa2FfCm6i3x31TC4O7a0gFaeYdPuU; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e974c244a6d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame D930 460 B
1 KB 189ms
186ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a4mTo6prMZd0GnPYGnT1cnupTfU2bnPTrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2GB20FFJT6yw4mFgPmbC4WUqXHUKmdIN3PZbY3cQgUVJ6VsMePPQwUHQWUUBP3U2pUqrmTaQlQqnISVjCPFupRdf8WcMV2FmqoWitXaan4dMZdQVrG2mUHpHXrUWJ9Ybv91UZb91TuqSrBGUUY5WtU0orQxRUrNYr7tSdJ5tF79rf&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df98aaf7444a19538c3d6cd3de279510848752986080c3749f28b8a2138c857a

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 46
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=arnpe3NZaiMyAmemDpPjgi8ZcpPvIgZcKfjZbvyJmJSXBQRKZbQeYdZcGl; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=arnpe3NZaiMyAmemDpPjgi8ZcpPvIgZcKfjZbvyJmJSXBQRKZbQeYdZcGl; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e974a615b6e-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame FF7E 476 B
1 KB 189ms
185ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnb1FBg0aaqPbMATUrYWtnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4AjKpFjE0VU0XVF11VvxpTFU3FQSWFZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4cM7VsY6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvqRsUDX&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30a3810492a43368d57705e8feaf2b880f4c0b2a923c8e7159175801cefb0f8

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 21
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aqnpe3mMZaEpDXqwsOQD3UrGdFAI0cw8yvrS4byN5XqYhnPeYdTXo; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aqnpe3mMZaEpDXqwsOQD3UrGdFAI0cw8yvrS4byN5XqYhnPeYdTXo; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9749c14e55-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 3A80 443 B
1 KB 342ms
171ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQcWcb7P6nxWdvUUUZbR2bauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdZamVHZbh0rUkXbYk1qqtPbYETFJYWWrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbLXsQWYcZb1XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDuLlIEL&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4a0e692e939562d9722d37f761ba37ceb5ca43e2e7f3472ef590f759a7dfd6

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 12
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aknpe3tlixo8qyTGZcQ9lTqHWeZdLfVQj4jhMwQpUZbU7Xx39eYdy8C; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aknpe3tlixo8qyTGZcQ9lTqHWeZdLfVQj4jhMwQpUZbU7Xx39eYdy8C; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e985e0a0ebb-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 78C1 402 B
1 KB 341ms
168ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a7mTo60GnQ1c35XVfypErW5UrPTUFAWPYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWYLptIu46UU3crgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTQcSaYFSs7ZdPrEvRt7cWsjQ4ruoodam0Emx2tfZbSGjZa46JZbmdEyUtQdYF36XbQkXa6MSUFETFJXVtQ1nrZbsRUrN1EFy5bnlRWMfNaMoZc7&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fdf4fe72c5a7193c96b1c918d20c990ed6afb1f631586e8d9326570fca9b6bd

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 17
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aLnpe3pkijtDifqGdS7MAcJFIiKu9ZcD3uGU0EIP5bH2wUteYdDhN; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aLnpe3pkijtDifqGdS7MAcJFIiKu9ZcD3uGU0EIP5bH2wUteYdDhN; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e985e516958-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 8970 525 B
1 KB 349ms
175ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbgRPMOTtJTWrF33rZanVaUvVqviPa3FRcFBPU6vSH38Ucv24r6ootyrXaup2HjZbQVjE2mQZamtZasUWFd0rMk1Fb91TqmSrJHWUQ5VWM3mbjxPbrr1E3r3aZba4EQ5mTBIYFU9UdrVmmnIpGnrmtnB3TB95teN5PvZaprvEYcfTXVU11sjypTj42bJUWUvFWAvXQEv2ScZbMStUr1G3p0SvIv6LQRh&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a696f13df4efed4618edf2536722657ea5cbe8064eee91c2f47c8b4e37f8c1

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 12
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=apnpe3RkP6M6eCnq8oDwILlUZaJcwgykNBXPY2FSuvZcyJFOeYdUm1; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=apnpe3RkP6M6eCnq8oDwILlUZaJcwgykNBXPY2FSuvZcyJFOeYdUm1; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:11 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e985afb4a7f-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 257 KB
96 KB 67ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97187
x-xss-protection: 0
server: cafe
etag: 9922904937206383910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 13:43:11 GMT

GET
H2 200 get.media Show response
direct.ad.cpe.dotomi.com/w/ 230 B
344 B 100ms
23ms Script
text/html 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=24526&m=6&tp=8&d=j&t=n&vcm_acv=1.1&version=1.12&c=0.6748326228555404&vcm_ifr=0&vcm_xy=1282..407&vcm_vv=true&vcm_vm=false&vcm_pr=http%3A//www.rinkworks.com/brainfood/c/logi.shtml&vcm_tr=&vcm_cr=&mo=0
Requested by: Host: cdn.fastclick.net
URL: http://cdn.fastclick.net/js/adcodes/pubcode.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: b0962ee1e9702df5152dbbf348470954f1547d7b7836c014e0732ea0b70d7bc1

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cache-control: no-cache
server: nginx
content-type: text/html
content-length: 230
expires: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
659 B 55ms
17ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rinkworks.com&callback=_gfp_s_&client=ca-pub-1382747617792961

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

dc8a6d207206dd154c14909a114ac96def42b913a4635648a9bf9ff35be125f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 58ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 42ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C665 430 B
376 B 262ms
234ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3557669583&adf=1663281734&w=728&lmt=1633614191&channel=2246335018%209065640222&format=728x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191241&bpp=12&bdt=1713&idt=104&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=6914367198100&frm=20&pv=2&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=109&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hlEuQxCCiI&p=http%3A//www.rinkworks.com&dtd=120

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6318c8c91755c560ee5af2aaa0143893d7f750a1727f5fb14c5091523aba85ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3557669583&adf=1663281734&w=728&lmt=1633614191&channel=2246335018%209065640222&format=728x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191241&bpp=12&bdt=1713&idt=104&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=6914367198100&frm=20&pv=2&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=109&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hlEuQxCCiI&p=http%3A//www.rinkworks.com&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 13:43:11 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 13:58:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 13:43:11 GMT
cache-control: private

GET
H2 200 300x250_default.jpg
ads.dotomi.com/banners/fia/ 61 KB
62 KB 367ms
20ms Image
image/jpeg 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.dotomi.com/banners/fia/300x250_default.jpg
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 55e0d9358cb60205eff06d2ce1215f07b5945abd16d4fda876519421c850ca46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
last-modified: Thu, 25 Jan 2018 03:01:12 GMT
server: nginx
etag: "5a694878-f542"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 62786

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E8F7 430 B
809 B 132ms
120ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3749866806&adf=1008303532&w=468&lmt=1633614191&channel=2246335018%209065640222&format=468x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191367&bpp=7&bdt=1840&idt=7&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gHMQ6nevPa&p=http%3A//www.rinkworks.com&dtd=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

518cc593cea01e7517d74f0e32180770b94f590dc8acafa967189a9ec3dc3cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3749866806&adf=1008303532&w=468&lmt=1633614191&channel=2246335018%209065640222&format=468x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191367&bpp=7&bdt=1840&idt=7&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gHMQ6nevPa&p=http%3A//www.rinkworks.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 13:43:11 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 13:58:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 13:43:11 GMT
cache-control: private

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 3 KB
3 KB 232ms
197ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7463b338430ef2b5b11c2f9155479f1f67b0209802436402b5921e1aa83923

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1633
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 23
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 69a78e986e674a6d-FRA
Expires: 0

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 998B 13 KB
5 KB 72ms
48ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ60rM81FUgXaAmPrQATUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmEMB1b39UWjXm67DnVvomHnC5TYh2tao3mBGpbYEYsfWXsF2XGFwnEBS5Fv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2O4mMT4cbdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3Nx7hlWU&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98ba9f178e-FRA

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 998B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e30095c3-a4f6-4a0b-a2c4-625ab35ea4ab
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e30095c3-a4f6-4a0b-a2c4-625ab35ea4ab
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662307738051920

43 B
172 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662307738051920
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ60rM81FUgXaAmPrQATUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmEMB1b39UWjXm67DnVvomHnC5TYh2tao3mBGpbYEYsfWXsF2XGFwnEBS5Fv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2O4mMT4cbdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3Nx7hlWU&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 915
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a1c436969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662307738051920
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 542F 13 KB
5 KB 70ms
46ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a0mTo6pdEv36YR4Vb7Tc3aUcJjPAMwTWM3UUZbS2UAuVEvwVqQlPTMLQcZbBPFumPWfcWGr54bevmtit0qmu4tnFPG7A2A3HmtayUdQcYrfa1UJ71a6pRFrZbUbBXTtQ4oFJxPrFpYEvy5aUk4Ef2mabB1rFcWtbPmPbDpGvwoWfD5EQ72Wmp5AFKnbrJ0GM0XVJ51VnwnT7R2UYQTFnZcUA7TPrB03UQGpE65Za6&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98baa1178e-FRA

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 542F
Redirect Chain

https://pixel.advertising.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true
https://pixel.advertising.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&apid=UP8359c292-2774-11ec-83da-02a5fb3287ae
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662307738034791&_origin=1&redir=true&apid=UP8359c292-2774-11ec-83da-02a5fb3287ae&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae
https://s.tribalfusion.com/z/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae

43 B
371 B

177ms
177ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a0mTo6pdEv36YR4Vb7Tc3aUcJjPAMwTWM3UUZbS2UAuVEvwVqQlPTMLQcZbBPFumPWfcWGr54bevmtit0qmu4tnFPG7A2A3HmtayUdQcYrfa1UJ71a6pRFrZbUbBXTtQ4oFJxPrFpYEvy5aUk4Ef2mabB1rFcWtbPmPbDpGvwoWfD5EQ72Wmp5AFKnbrJ0GM0XVJ51VnwnT7R2UYQTFnZcUA7TPrB03UQGpE65Za6&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a9db26969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1209
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e997ad96969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b17&u=UP8359c292-2774-11ec-83da-02a5fb3287ae
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 85C1 13 KB
5 KB 71ms
47ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a1mU0h3A7ZbprMLXsbQXsr5XGBMmarU2FM2VbBZbVmMTQqnRQGUMPtfxYHbxVPbw4cJ5XF3DTPau4AU6R6bB4HYr1WUZapW6o3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSGFBPbumSHUaVcbT2FuootZaqXayp2dYZaQVbG2ABHotXsVWJhXUf91U7j1aurSUMZbUrB2TH3YobZbpPFFoYqny3TUa2a7Ytq7pHhpJ6c&mediaDataID=5578346&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98baa3178e-FRA

GET
H2

200

i.match
a.tribalfusion.com/ Frame 85C1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=89202911527399109383820841340399940051

43 B
424 B

175ms
175ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=89202911527399109383820841340399940051
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a1mU0h3A7ZbprMLXsbQXsr5XGBMmarU2FM2VbBZbVmMTQqnRQGUMPtfxYHbxVPbw4cJ5XF3DTPau4AU6R6bB4HYr1WUZapW6o3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSGFBPbumSHUaVcbT2FuootZaqXayp2dYZaQVbG2ABHotXsVWJhXUf91U7j1aurSUMZbUrB2TH3YobZbpPFFoYqny3TUa2a7Ytq7pHhpJ6c&mediaDataID=5578346&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9b3f196969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v018-0da38673c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hz6qFBwAQgw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=89202911527399109383820841340399940051
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 3016 13 KB
5 KB 65ms
42ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr6TGMcVcFhPPnmTWZbVUbFP3FixVEnvWa3iQqYFRVjZaRFawRt7bUGjU4UmxmHyMXamx4dMESV7G5m3LmWeyVHjhYUf9XFYfXaIsSbYATbMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vLpFvIYs3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcs3X47x&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98baa7178e-FRA

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3016
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662307738034791&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b22&u=18072662307738034791&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662307738051925

0
338 B

128ms
30ms

Image
text/plain

34.255.169.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662307738051925
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr6TGMcVcFhPPnmTWZbVUbFP3FixVEnvWa3iQqYFRVjZaRFawRt7bUGjU4UmxmHyMXamx4dMESV7G5m3LmWeyVHjhYUf9XFYfXaIsSbYATbMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vLpFvIYs3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcs3X47x&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.169.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-169-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1633614191
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 528
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a0c1c6969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662307738051925
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame D930 13 KB
5 KB 79ms
57ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a4mTo6prMZd0GnPYGnT1cnupTfU2bnPTrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2GB20FFJT6yw4mFgPmbC4WUqXHUKmdIN3PZbY3cQgUVJ6VsMePPQwUHQWUUBP3U2pUqrmTaQlQqnISVjCPFupRdf8WcMV2FmqoWitXaan4dMZdQVrG2mUHpHXrUWJ9Ybv91UZb91TuqSrBGUUY5WtU0orQxRUrNYr7tSdJ5tF79rf&mediaDataID=2713736&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98baa9178e-FRA

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D930
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662307738034791&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID

43 B
398 B

179ms
179ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a4mTo6prMZd0GnPYGnT1cnupTfU2bnPTrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2GB20FFJT6yw4mFgPmbC4WUqXHUKmdIN3PZbY3cQgUVJ6VsMePPQwUHQWUUBP3U2pUqrmTaQlQqnISVjCPFupRdf8WcMV2FmqoWitXaan4dMZdQVrG2mUHpHXrUWJ9Ybv91UZb91TuqSrBGUUY5WtU0orQxRUrNYr7tSdJ5tF79rf&mediaDataID=2713736&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9aee406969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5247
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e99cb9d6969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame FF7E 13 KB
5 KB 70ms
49ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnb1FBg0aaqPbMATUrYWtnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4AjKpFjE0VU0XVF11VvxpTFU3FQSWFZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4cM7VsY6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvqRsUDX&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e98baaa178e-FRA

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame FF7E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662307738034791&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662307738034791&C=1
https://a.tribalfusion.com/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA
https://s.tribalfusion.com/z/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA

43 B
363 B

168ms
168ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnb1FBg0aaqPbMATUrYWtnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4AjKpFjE0VU0XVF11VvxpTFU3FQSWFZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4cM7VsY6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvqRsUDX&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a1c646969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3827
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9919bf6969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b20&u=YV75bzTwiWJEPHqE8PupDQAA
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 3A80 13 KB
5 KB 55ms
55ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQcWcb7P6nxWdvUUUZbR2bauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdZamVHZbh0rUkXbYk1qqtPbYETFJYWWrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbLXsQWYcZb1XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDuLlIEL&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e998c0c178e-FRA

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3A80
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662307738034791
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0

43 B
371 B

168ms
168ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQcWcb7P6nxWdvUUUZbR2bauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdZamVHZbh0rUkXbYk1qqtPbYETFJYWWrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbLXsQWYcZb1XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDuLlIEL&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9aee476969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3695
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e99dbba6969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEMHmBxxLdkEv0pcbhvHkqM4&google_cver=1&google_ula=2786954,0
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 78C1 13 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a7mTo60GnQ1c35XVfypErW5UrPTUFAWPYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWYLptIu46UU3crgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTQcSaYFSs7ZdPrEvRt7cWsjQ4ruoodam0Emx2tfZbSGjZa46JZbmdEyUtQdYF36XbQkXa6MSUFETFJXVtQ1nrZbsRUrN1EFy5bnlRWMfNaMoZc7&mediaDataID=7665496&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e998c0e178e-FRA

GET
H2

200

i.match
a.tribalfusion.com/ Frame 78C1
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662307738034791
https://a.tribalfusion.com/i.match?p=b23&u=164880603932000223099

43 B
394 B

163ms
163ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=164880603932000223099
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a7mTo60GnQ1c35XVfypErW5UrPTUFAWPYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWYLptIu46UU3crgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTQcSaYFSs7ZdPrEvRt7cWsjQ4ruoodam0Emx2tfZbSGjZa46JZbmdEyUtQdYF36XbQkXa6MSUFETFJXVtQ1nrZbsRUrN1EFy5bnlRWMfNaMoZc7&mediaDataID=7665496&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a0c2c6969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://a.tribalfusion.com/i.match?p=b23&u=164880603932000223099
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 8970 13 KB
5 KB 54ms
54ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbgRPMOTtJTWrF33rZanVaUvVqviPa3FRcFBPU6vSH38Ucv24r6ootyrXaup2HjZbQVjE2mQZamtZasUWFd0rMk1Fb91TqmSrJHWUQ5VWM3mbjxPbrr1E3r3aZba4EQ5mTBIYFU9UdrVmmnIpGnrmtnB3TB95teN5PvZaprvEYcfTXVU11sjypTj42bJUWUvFWAvXQEv2ScZbMStUr1G3p0SvIv6LQRh&mediaDataID=5436426&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e998c0f178e-FRA

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8970
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662307738034791&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://s.tribalfusion.com/z/i.match?p=b10&u=18072662307738034791&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662307738050214&expires=180

0
239 B

49ms
13ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662307738050214&expires=180
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbgRPMOTtJTWrF33rZanVaUvVqviPa3FRcFBPU6vSH38Ucv24r6ootyrXaup2HjZbQVjE2mQZamtZasUWFd0rMk1Fb91TqmSrJHWUQ5VWM3mbjxPbrr1E3r3aZba4EQ5mTBIYFU9UdrVmmnIpGnrmtnB3TB95teN5PvZaprvEYcfTXVU11sjypTj42bJUWUvFWAvXQEv2ScZbMStUr1G3p0SvIv6LQRh&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 135
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9a9dd16969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662307738050214&expires=180
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 287ms
287ms Script
application/javascript 2a02:26f0:fe00:48c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&dvregion=0&unit=300x250
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fe00:48c::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:25 GMT
Server: Microsoft-IIS/10.0
ETag: "e6262781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 78C1 0
480 B 14ms
14ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a7mTo60GnQ1c35XVfypErW5UrPTUFAWPYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWYLptIu46UU3crgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTQcSaYFSs7ZdPrEvRt7cWsjQ4ruoodam0Emx2tfZbSGjZa46JZbmdEyUtQdYF36XbQkXa6MSUFETFJXVtQ1nrZbsRUrN1EFy5bnlRWMfNaMoZc7&mediaDataID=7665496&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9b1b624a6d-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame FF7E 0
480 B 12ms
12ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnb1FBg0aaqPbMATUrYWtnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4AjKpFjE0VU0XVF11VvxpTFU3FQSWFZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4cM7VsY6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvqRsUDX&mediaDataID=6530936&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9b3b8a4a6d-FRA
vary: Origin

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame D742 1 KB
981 B 14ms
13ms Document
text/html 2a02:26f0:fe00:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fe00:4a5::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Content-Type: text/html
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 634
Cache-Control: max-age=46698
Date: Thu, 07 Oct 2021 13:43:11 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
868 B 11ms
10ms Script
text/javascript 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_548455462985&jsTagObjCallback=__tagObject_callback_548455462985&num=6&ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&advid=&adsrv=&unit=300x250&isdvvid=&uid=548455462985&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=14&brh=2&fwc=0&fcl=107&flt=21&fec=181&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_548455462985
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ff087dab72b63c6e2dbd8c3c061a26480a9f8090be851e849183e77afdc99a42

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Thu, 07 Oct 2021 13:43:10 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/6/2021 1:43:11 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 3DEA 4 KB
2 KB 13ms
13ms Script
application/javascript 2a02:26f0:fe00:48c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2a02:26f0:fe00:48c::4469 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=52117
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

POST
H/1.1 200
OK bsevent.gif
tps20525.doubleverify.com/ 807 B
1 KB 145ms
12ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20525.doubleverify.com/bsevent.gif?impid=0668e4b3ed66449e8015635b55fb0356&vfdur=536&cbust=1633614191930535
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:12 PM

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame C542 480 B
1 KB 182ms
182ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ9YFn71FZbgXayqSUvFTUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmaMB1b39UWjXm67DnVvomHnC5TYh2tyq3PfGpbYEYsfWXsF2XGFNpajW5bv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2m5mM03GvdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3NuFG7bZc&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e71e564bc9c63b3b2a83d63674bb853eb7ce0452af795ab8ae654a19c70b0a6

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 3
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aenpe3u4YUsmqcnc4vK3e3kcyIEesLgNJFRwv5R26wMH7pXWv78f; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aenpe3u4YUsmqcnc4vK3e3kcyIEesLgNJFRwv5R26wMH7pXWv78f; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9b9c7d4a6d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame C555 510 B
1 KB 164ms
163ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr9VsY7WsJhPPJuTHvWTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4dMESV7G5mFZbmtayVHjhYUf9XFYfXaIrRUrCUrMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vFnFrGYV3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcvR3Xur&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4aba62b02da764bf5d80948a7d6082fc8c63d2354e5cbda7ccb5072d80b0cb2

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 4
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=asnpe3xZduBnRApTpshjiAmiTEwJvZcTkZbyHRkUMMZbaiUUr7XWvaxu; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=asnpe3xZduBnRApTpshjiAmiTEwJvZcTkZbyHRkUMMZbaiUUr7XWvaxu; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9b98954a7f-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame 4D29 648 B
1 KB 178ms
178ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4ArZapb3E0VU0XVF11VvxpTFU2FMRVbZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4sreUcr6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvx2X2O0&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0aaeb583dee0957016d4389f3a69dff9d2245e544f40ee39a2c97e46a5a45e4

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 3
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aUnpe3ON6Jv8ZbUxpcij5EZcGUEfZb1G9fyrIywUbQjEq1VjrXWv7BO; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=aUnpe3ON6Jv8ZbUxpcij5EZcGUEfZb1G9fyrIywUbQjEq1VjrXWv7BO; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9baeab6958-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Cookie set p.media Show response
a.tribalfusion.com/ Frame E98E 922 B
1 KB 175ms
175ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html
Requested by: Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87b74c1c928e3a25011b9a9a00168f2c11c69881625598be3664fbd6e2fde87

Request headers

Host: a.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.rinkworks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=agnpe3SkTsvAutoskaLgA4ZcWI8F1ZcI8ZbYZaVYUD0Xa1Qb3kXWvihy; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT; SameSite=None; Secure;
Vary: Accept-Encoding
Expires: 0
set-cookie: ANON_ID_old=agnpe3SkTsvAutoskaLgA4ZcWI8F1ZcI8ZbYZaVYUD0Xa1Qb3kXWvihy; path=/; domain=.tribalfusion.com; expires=Wed, 05-Jan-2022 13:43:12 GMT;
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 69a78e9baaaa0ebb-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DBD 430 B
270 B 81ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=90&adk=1995636810&adf=1180108593&w=200&lmt=1633614191&channel=2246335018%209065640222&format=200x90_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191936&bpp=3&bdt=2408&idt=3&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=937&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eeW0zg1Z0F&p=http%3A//www.rinkworks.com&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4c1cbd4d7e144b97150e19ada57aa51925c2fafa21ea669804da74d2101fd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1382747617792961&output=html&h=90&adk=1995636810&adf=1180108593&w=200&lmt=1633614191&channel=2246335018%209065640222&format=200x90_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&flash=0&wgl=1&dt=1633614191936&bpp=3&bdt=2408&idt=3&shv=r20211005&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=937&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eeW0zg1Z0F&p=http%3A//www.rinkworks.com&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlRfrBYXTagj0STCxkHeSnmXyaZDIm63cR60Q-buGL_jJI_YUJmmS25GzAHbeg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 13:43:12 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK bsevent.gif
tps20525.doubleverify.com/ 807 B
1 KB 128ms
12ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20525.doubleverify.com/bsevent.gif?impid=0668e4b3ed66449e8015635b55fb0356&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1633614191947115
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:12 PM

POST
H/1.1 200
OK bsevent.gif
tps20525.doubleverify.com/ 807 B
1 KB 128ms
11ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20525.doubleverify.com/bsevent.gif?impid=0668e4b3ed66449e8015635b55fb0356&dvp_or2=1&cbust=1633614191947440
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:12 PM

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 998B 0
480 B 10ms
9ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ60rM81FUgXaAmPrQATUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmEMB1b39UWjXm67DnVvomHnC5TYh2tao3mBGpbYEYsfWXsF2XGFwnEBS5Fv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2O4mMT4cbdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3Nx7hlWU&mediaDataID=6546596&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9bbb5b4e55-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 542F 0
480 B 13ms
13ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a0mTo6pdEv36YR4Vb7Tc3aUcJjPAMwTWM3UUZbS2UAuVEvwVqQlPTMLQcZbBPFumPWfcWGr54bevmtit0qmu4tnFPG7A2A3HmtayUdQcYrfa1UJ71a6pRFrZbUbBXTtQ4oFJxPrFpYEvy5aUk4Ef2mabB1rFcWtbPmPbDpGvwoWfD5EQ72Wmp5AFKnbrJ0GM0XVJ51VnwnT7R2UYQTFnZcUA7TPrB03UQGpE65Za6&mediaDataID=6347136&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9bbb0e5b6e-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 3016 0
480 B 9ms
9ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr6TGMcVcFhPPnmTWZbVUbFP3FixVEnvWa3iQqYFRVjZaRFawRt7bUGjU4UmxmHyMXamx4dMESV7G5m3LmWeyVHjhYUf9XFYfXaIsSbYATbMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vLpFvIYs3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcs3X47x&mediaDataID=6807466&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9beb515b6e-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 3A80 0
480 B 11ms
11ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQcWcb7P6nxWdvUUUZbR2bauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdZamVHZbh0rUkXbYk1qqtPbYETFJYWWrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbLXsQWYcZb1XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDuLlIEL&mediaDataID=4056396&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9bfb855b6e-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame D930 0
480 B 9ms
9ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a4mTo6prMZd0GnPYGnT1cnupTfU2bnPTrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2GB20FFJT6yw4mFgPmbC4WUqXHUKmdIN3PZbY3cQgUVJ6VsMePPQwUHQWUUBP3U2pUqrmTaQlQqnISVjCPFupRdf8WcMV2FmqoWitXaan4dMZdQVrG2mUHpHXrUWJ9Ybv91UZb91TuqSrBGUUY5WtU0orQxRUrNYr7tSdJ5tF79rf&mediaDataID=2713736&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9c0c164e55-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 8970 0
480 B 10ms
10ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbgRPMOTtJTWrF33rZanVaUvVqviPa3FRcFBPU6vSH38Ucv24r6ootyrXaup2HjZbQVjE2mQZamtZasUWFd0rMk1Fb91TqmSrJHWUQ5VWM3mbjxPbrr1E3r3aZba4EQ5mTBIYFU9UdrVmmnIpGnrmtnB3TB95teN5PvZaprvEYcfTXVU11sjypTj42bJUWUvFWAvXQEv2ScZbMStUr1G3p0SvIv6LQRh&mediaDataID=5436426&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9c0bc05b6e-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 85C1 0
480 B 12ms
12ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a1mU0h3A7ZbprMLXsbQXsr5XGBMmarU2FM2VbBZbVmMTQqnRQGUMPtfxYHbxVPbw4cJ5XF3DTPau4AU6R6bB4HYr1WUZapW6o3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSGFBPbumSHUaVcbT2FuootZaqXayp2dYZaQVbG2ABHotXsVWJhXUf91U7j1aurSUMZbUrB2TH3YobZbpPFFoYqny3TUa2a7Ytq7pHhpJ6c&mediaDataID=5578346&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9c5c985b6e-FRA
vary: Origin

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame C555 13 KB
5 KB 48ms
47ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr9VsY7WsJhPPJuTHvWTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4dMESV7G5mFZbmtayVHjhYUf9XFYfXaIrRUrCUrMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vFnFrGYV3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcvR3Xur&mediaDataID=8039566&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e9cb8a8178e-FRA

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame C555
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662307738034791&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662307738052621
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662307738052621&cookieRequired=true

0
115 B

18ms
17ms

Image
text/plain

188.65.124.38
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662307738052621&cookieRequired=true

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr9VsY7WsJhPPJuTHvWTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4dMESV7G5mFZbmtayVHjhYUf9XFYfXaIrRUrCUrMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vFnFrGYV3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcvR3Xur&mediaDataID=8039566&mediaName=frame.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.38 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

icscale-01-pub-ix7.vip.dailymotion.com

Software

nginx/1.15.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-dm-lb-name: icscale-01-02
date: Thu, 07 Oct 2021 13:43:12 GMT
server: nginx/1.15.6
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

location: /dspreply?dspId=15&dspUserId=18072662307738052621&cookieRequired=true
date: Thu, 07 Oct 2021 13:43:12 GMT
server: nginx/1.15.6
content-length: 113
strict-transport-security: max-age=15724800; includeSubDomains
x-dm-lb-name: icscale-01-02
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK hmac-sha1.js Show response
cdnx.tribalfusion.com/media/5207316/ Frame E98E 5 KB
3 KB 16ms
15ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnx.tribalfusion.com/media/5207316/hmac-sha1.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3738
Transfer-Encoding: chunked
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-Function: 301
Last-Modified: Thu, 08 Feb 2018 21:10:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
CF-RAY: 69a78e9cdcdd6933-FRA
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame E98E 13 KB
5 KB 52ms
51ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e9cd8d5178e-FRA

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 4D29 13 KB
5 KB 52ms
51ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4ArZapb3E0VU0XVF11VvxpTFU2FMRVbZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4sreUcr6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvx2X2O0&mediaDataID=6719746&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e9cd8d6178e-FRA

GET
H2

200

i.match
a.tribalfusion.com/ Frame 4D29
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623077...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623077...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662307738034791&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=0EA03DC6-1D13-4B95-8597-EB178F6A9CE2

43 B
719 B

167ms
167ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=0EA03DC6-1D13-4B95-8597-EB178F6A9CE2
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4ArZapb3E0VU0XVF11VvxpTFU2FMRVbZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4sreUcr6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvx2X2O0&mediaDataID=6719746&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9dfe506969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=0EA03DC6-1D13-4B95-8597-EB178F6A9CE2
date: Thu, 07 Oct 2021 13:43:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:2363
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame C542 13 KB
5 KB 41ms
41ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ9YFn71FZbgXayqSUvFTUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmaMB1b39UWjXm67DnVvomHnC5TYh2tyq3PfGpbYEYsfWXsF2XGFNpajW5bv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2m5mM03GvdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3NuFG7bZc&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a78e9cd8d7178e-FRA

GET
H2

200

i.match
a.tribalfusion.com/ Frame C542
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662307738034791&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=83c6d638-2774-11e...
https://a.tribalfusion.com/i.match?p=b19&u=83c6d5c7-2774-11ec-8b86-1384e0ef0406

43 B
434 B

171ms
171ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=83c6d5c7-2774-11ec-8b86-1384e0ef0406
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ9YFn71FZbgXayqSUvFTUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmaMB1b39UWjXm67DnVvomHnC5TYh2tyq3PfGpbYEYsfWXsF2XGFNpajW5bv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2m5mM03GvdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3NuFG7bZc&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a78e9dad896969-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Server: nginx
Location: https://a.tribalfusion.com/i.match?p=b19&u=83c6d5c7-2774-11ec-8b86-1384e0ef0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 129
Connection: keep-alive
Content-Length: 43

GET
H2 204 v1
ads.yahoo.com/cms/ Frame E98E 0
612 B 37ms
9ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001105643&eid=18072662307738034791&sigv=1&esig=2~7060809cd44dc143cb72cf7aa4dc8bb2589f601c

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame E98E 0
480 B 14ms
14ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a6mTo63sr7VcQdWVn6RPZbxWdMRUF725UauWT3wWaUlPaUGSsJCQrEtPtMlWcbV2UenmtaOXT6n2tMHSGjH263ZbpdTsVHbh0rUkXbYk1qqtPbYATrUQVtrWmFQmRUjt1q3y5qbf4a3RmaMCYU3dUtbQoAvZcpsvooWbL5EU73dmq3AbGmUbKXcrVYc31XGjnmarW2FZbWVFfCVAMYREbQScZbMQGnNWEbDwSgbC1&mediaDataID=5207316&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9d3f374a6d-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame C555 0
480 B 12ms
12ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a3mTo636YR3sr9VsY7WsJhPPJuTHvWTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4dMESV7G5mFZbmtayVHjhYUf9XFYfXaIrRUrCUrMSVHJ2orJoRbjNYarn5Tfa4T7XmqrGYFZb6WHjWomnJnVjumHnJ3TZbh5tiN46vFnFrGYV3W1cQV1srumEnU3U3PWFjDUA7TREbQQWfs3EJZcvR3Xur&mediaDataID=8039566&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9e49384a6d-FRA
vary: Origin

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame C542 0
480 B 12ms
11ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a2mTo6mdAtVWJ9YFn71FZbgXayqSUvFTUvSVWvTnFZbxQb7MYa3y4Tfg2TMQmaMB1b39UWjXm67DnVvomHnC5TYh2tyq3PfGpbYEYsfWXsF2XGFNpajW5bv2VrnFUAv3RqMQQGMmQtfr1HvoVAjM2GY20U3ZaVAqo4ABgR6bK2HZbrXW3AmH2m5mM03GvdVc3jVVnhSAZbvUd3QTr735b2uUqjvVbja3d3NuFG7bZc&mediaDataID=9148826&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9eb9fd4a6d-FRA
vary: Origin

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa1e7fc7fb301e1df391599cfc07e9500433edb80fded671e95897decd9b003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51277
x-xss-protection: 0
server: cafe
etag: 5059383587511590556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 13:43:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 45ms
22ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211005&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df493d4e66a0bb2be94fb8a3b0ee851f28763f848432e4017dda98f32ff49bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8551
x-xss-protection: 0

POST
H/1.1 200
OK rum Show response
a.tribalfusion.com/cdn-cgi/ Frame 4D29 0
480 B 9ms
9ms XHR
text/plain 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://a.tribalfusion.com/p.media?clickID=a5mTo6VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmU7uQbfNXqQO5qZba5a32oa7LYbU6WWrRmPvBncfuoWnB5EUg5daq4ArZapb3E0VU0XVF11VvxpTFU2FMRVbZbZcWm75REMXSVUMQWbu1tFuVPbv2VJ1XbUKVmyr26U6PmnI4WUO0HBKpdAo4ABT4sreUcr6Ucf8S6JxTtZbVUrb22bArUqjvTTJlQbbZc5bZbvx2X2O0&mediaDataID=6719746&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://a.tribalfusion.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 69a78e9f0a934a6d-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 07 Oct 2021 13:43:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/ Frame 63A1 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211005/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlRfrBYXTagj0STCxkHeSnmXyaZDIm63cR60Q-buGL_jJI_YUJmmS25GzAHbeg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 20:04:40 GMT
expires: Wed, 20 Oct 2021 20:04:40 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 63512
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D23 146 KB
41 KB 831ms
831ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&adk=1812271804&adf=3025194257&lmt=1633614192&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=2246335018%209065640222&format=0x0&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&ea=0&flash=0&pra=7&wgl=1&dt=1633614192551&bpp=1&bdt=3024&idt=1&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s%2C200x90_0ads_al_s&nras=1&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=14

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09d088f55bf8e2591db8bee173993f1ea083dd9a84d48559ae422daf2885fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1382747617792961&output=html&adk=1812271804&adf=3025194257&lmt=1633614192&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=2246335018%209065640222&format=0x0&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&ea=0&flash=0&pra=7&wgl=1&dt=1633614192551&bpp=1&bdt=3024&idt=1&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcea0a363a96f4906-2228263ee8ca006b%3AT%3D1633614191%3ART%3D1633614191%3AS%3DALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s%2C200x90_0ads_al_s&nras=1&correlator=6914367198100&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=959011563.1633614191&ga_sid=1633614191&ga_hid=1809547132&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423&oid=2&pvsid=1330004267916991&pem=842&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlRfrBYXTagj0STCxkHeSnmXyaZDIm63cR60Q-buGL_jJI_YUJmmS25GzAHbeg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 13:43:13 GMT
server: cafe
content-length: 41652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F488 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 07 Oct 2021 11:23:21 GMT
expires: Fri, 07 Oct 2022 11:23:21 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BCD 783 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7397d559179d9fad6be17806c2c70ab42f4eaf452b06445e5cee28a245aad6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+AnqqvkdFiD1Lm8x5+Hrsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 07 Oct 2021 13:43:12 GMT
date: Thu, 07 Oct 2021 13:43:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+AnqqvkdFiD1Lm8x5+Hrsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F488 35 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea14f456d3a22eef7e2cebdc0a65d8db30842f96b24fa8cc92f227df463d81e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13445
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 07 Oct 2022 13:12:16 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BCD 0
0 60ms
60ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211005&jk=1330004267916991&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211005&jk=1330004267916991&bg=!FxSlFFDNAAYiB-bNIgc7ACkAdvg8WsrUEHRFCzAcT259V6xguMU-S9YLSsc1oeYAjOnLnDePDOS0RwIAAABfUgAAAAtoAQeZAt2AXfeoX9iRtmFqt0TJ4k16FNlrJaMtZmuJkdSMkmpQMcNiuHg3eeO8gaYGPOg0_qPutcrotX-yiRAViCt09rCcahOgjzUSCfrUYsLG-eOurKRb1TA6a0fuo6plqyy_jpBzma_JPpZv3L_72DUECQXcpQfxLnd_V9GIqN4fi56SpMo4g4mQvwThip9GLj-sLg0d-dCcWMAl7Z5RMLhxzAVYO8g2uo3_wogEcVq0jBH-WKMY9tO2krAspLncRj6aQEHTjQsOhqpEOi05Rr3_YbL1CyW6KhjREq_GZr0qZVGVWuwxIqhtSewh_MQ7k9jFOrjAUk4KwEVyzmH9hQvKrq5YJStmQRzG6G9LQZwa5t9WaffsErmN2H_3FJGoRqhmhNvcuR7e42fUmp4On7LWYd1985HenrUD02av8NNyrkUSnXZm15b4-yOYfQqJF4v34uJVLorUzgMbJ9socHIUBbtQeTqzX5Cz0uPeT077JiPqX9HA01UE4UCbGqfqIjCTG05HRtv2doLVn0J5JwF5-6jjw9f6QNasw10Bh6N5pWh4sBtECz_tiivs0lJr52_55XWryUwTydXDvvlHyzyubqMnqISW8ETqRRkqaxbCm9IdRb1k9urgrCrzAbzcWqaYdKwsSIwDpqTDLGDie4iGkMCgElU90N03JS2ub6_qJ0Xco4-vp8J4-alGESTsq3_MTocEWyUhD-SCYIgHhygix2wd-84mmU3A80Fh01V-jZq2eGBf7JYCd-hhrzrgqeAEz1vhyM3sLLY9ek_P4hMcfRZv1Lt3qA5ucYMV8-XEqK589m9rcsXfCQPQxQoO2-veZe1sV1tHAXUcC35yEamBIttWTIYs-AQRNTQ64di1pYi1l2bYO5fxXmYnkpJilOkvfG5q-llmcDfLflcFlwU4p6XeeNH3v6-rLdpSk2LZoi5uHtNw4Kv7y_toYYCV7bYni_Gri-SqtNIEf8rAe3-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H/1.1 200
OK bsevent.gif
tps20524.doubleverify.com/ 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.17
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20524.doubleverify.com/bsevent.gif?impid=72145f1db1b5473a8e48bb40d6482ee1&pltfrm=Linux%20x86_64&cbust=1633614192842749
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://www.rinkworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:43:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.rinkworks.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/6/2021 1:43:12 PM

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 142 KB
51 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bccbbf39f46905558190fd7f8e6aaf9686bd32fef7f243b01f019d1bc95a3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52306
x-xss-protection: 0
server: cafe
etag: 1327222315113741855
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 13:43:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 13:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/ Frame 58CA 10 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.rinkworks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlRfrBYXTagj0STCxkHeSnmXyaZDIm63cR60Q-buGL_jJI_YUJmmS25GzAHbeg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.rinkworks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 20:05:13 GMT
expires: Wed, 20 Oct 2021 20:05:13 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 63480
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 58CA 4 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 12:33:02 GMT
server: ESF
date: Thu, 07 Oct 2021 13:43:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 13:43:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 58CA 205 B
765 B 32ms
7ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 08:19:39 GMT
x-content-type-options: nosniff
age: 105814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Oct 2022 08:19:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 58CA 604 B
696 B 32ms
8ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:15:21 GMT
x-content-type-options: nosniff
age: 422872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Oct 2022 16:15:21 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/elements/html/ Frame 58CA 17 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7627
x-xss-protection: 0
server: cafe
etag: 14532344818667626787
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 13:31:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 18D9 3 KB
653 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 12:38:15 GMT
server: ESF
date: Thu, 07 Oct 2021 13:43:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 13:43:13 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame 18D9 1 KB
944 B 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 13:37:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame 18D9 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 13:42:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame 18D9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 13:41:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18D9 122 KB
38 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Oct 2021 13:43:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame 18D9 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 13:41:16 GMT

GET
H2 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 18D9 26 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:59:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 08:07:21 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7094 1 KB
868 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 07 Oct 2021 08:58:57 GMT
expires: Fri, 08 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17056
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7094 35 B
464 B 39ms
11ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELYqzO9K_fGxyBeUG0BiSWA&google_cver=1&google_push=AYg5qPKbrSaYnhXJFTVEqPNkDJjbOO7o0wFB-95EZuWvDx6fRSJxZgbdjye6cgtUmpugyLZiZsd5_MnSKYMliKeXDbv6xYXQcg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 7094 43 B
609 B 37ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGlxsupUcfQNQC-FwQLK_XQ&google_push=AYg5qPKjgeUBDqMxXnCCcsMm6nMqlO_1Ke33rGqBWLw5pvc-FiPjr3qbWKb0mTWJcHb2S4fHZxp_6TIU3OscWcojSpoa7DBhZtA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7094
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEC8dVqYwVLIGUK-VPcxE13Q&google_cver=1&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc&google_hm=NW1uQpgPyrsz65AKkplmLQ==

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc&google_hm=NW1uQpgPyrsz65AKkplmLQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:12 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLyNNh1Cbep9DGjMn8X2lTRHTNZBokirI0PpqGCRehQAjB_S345VVrITln4Po_8naYXwWS_lhs91k8P-xLLMvIXoPhFMnc&google_hm=NW1uQpgPyrsz65AKkplmLQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: au151h8k21vvhrb57be4ghf1484a5lvu

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7094
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DqA9xh0TS5WFl-sXj2qc4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
243 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DqA9xh0TS5WFl-sXj2qc4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPnddH4uPNhD4AcOL-VU2FTxUBrEbw1avlo3KbmXvMk653zD7dbSo6Rqs-EOLKE3MxV9muIjmWqrH76C2s7yhQYEps1wc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DqA9xh0TS5WFl-sXj2qc4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPnddH4uPNhD4AcOL-VU2FTxUBrEbw1avlo3KbmXvMk653zD7dbSo6Rqs-EOLKE3MxV9muIjmWqrH76C2s7yhQYEps1wc
date: Thu, 07 Oct 2021 13:43:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7094
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJ4ZFcwR3YXMAdmNgeobnI&google_cver=1&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VHWlBOMFQtMjYtQUIwTA==&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_YKKsGrpxYNkvAZ4fgz4rJ7-w

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VHWlBOMFQtMjYtQUIwTA==&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_YKKsGrpxYNkvAZ4fgz4rJ7-w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VHWlBOMFQtMjYtQUIwTA==&google_push=AYg5qPI4Mx3DKSGDQWu7Yd8ECYz48_nw4SRyNRC3VJjBGn7W9t-K6pe--_ZnmIDaj6MMFvUnna_YKKsGrpxYNkvAZ4fgz4rJ7-w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7094
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zy...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 7094 43 B
297 B 405ms
96ms Image
image/gif 2600:1f18:445b:901:5dde:90cc:842c:e1f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOaJs8png3YyLFB20SKT25M&google_cver=1&google_push=AYg5qPL33PdoHqPInUikytCN_4WEbW34fzRw2NbXtyitC-aK0AlMcjaCIS5QGcdAvO1-0C_Tvuk7G_UM16F8PkpcFLhUlyl-aw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:5dde:90cc:842c:e1f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:43:13 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7094 0
50 B 16ms
15ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDQXnao8rHl9rgWCe_gw00yJShN_vKbXadDdMlHbevUp8y6lEpCzENyUBuKeWW6h_VN9D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:43:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 redir.html Show response
p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1D06 247 B
979 B 73ms
17ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

4ce868fba539e73043e53a8ad1ae908321b5cee08fca25f3901c7c8e8e910c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-DqjxtsTLKKKtOUOpWNvFtQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 200
date: Thu, 07 Oct 2021 13:43:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1D06 4 KB
2 KB 31ms
16ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

e67c1d29576c6599364dacd1929252c1fa9dec2ec5a01f6eb4cd72e1869bef5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-x6g2XKx7ZzzXy2PoaaHYTQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1863
date: Thu, 07 Oct 2021 13:43:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2064 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js

Requested by

Host: www.rinkworks.com
URL: http://www.rinkworks.com/brainfood/c/logi.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea14f456d3a22eef7e2cebdc0a65d8db30842f96b24fa8cc92f227df463d81e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13445
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 07 Oct 2022 13:12:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rinkworks.com/	1970-01-20 07:08:30	Name: __gads Value: ID=cea0a363a96f4906-2228263ee8ca006b:T=1633614191:RT=1633614191:S=ALNI_MYaw9BzM-dV1C3apZv0SgEUtTVWAQ
.openx.net/	1970-01-20 06:32:30	Name: i Value: 3997db27-980e-4c62-8f49-145525a76f6a\|1633614191
.casalemedia.com/	1970-01-20 06:32:30	Name: CMID Value: YV75bzTwiWJEPHqE8PupDQAA
.casalemedia.com/	1970-01-19 23:56:30	Name: CMPS Value: 5206
.advertising.com/	1970-01-20 06:33:56	Name: APID Value: UP8359c292-2774-11ec-83da-02a5fb3287ae
.casalemedia.com/	1970-01-19 23:56:30	Name: CMPRO Value: 1151
.casalemedia.com/	1970-01-20 06:32:30	Name: CMRUM3 Value: 83615ef96f276018072662307738034791
.yahoo.com/	1970-01-20 06:32:51	Name: A3 Value: d=AQABBG_5XmECEHSpbKdKmj-Uc0OCmgNVDwgFEgEBAQFKYGFoYQAAAAAA_eMAAA&S=AQAAAgs55r4aczYukUaQE-t59fA
.analytics.yahoo.com/	1970-01-20 06:33:56	Name: IDSYNC Value: 18gs~20tp
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP8359c292-2774-11ec-83da-02a5fb3287ae
.yahoo.com/	1970-01-19 21:48:20	Name: APIDTS Value: 1633614191
.doubleclick.net/	1970-01-20 07:08:30	Name: IDE Value: AHWqTUlRfrBYXTagj0STCxkHeSnmXyaZDIm63cR60Q-buGL_jJI_YUJmmS25GzAHbeg
.agkn.com/	1970-01-20 06:32:30	Name: ab Value: 0001%3AawBp%2F%2FH46a6%2B1A%2BeCDHt5%2BCn0oMDKy%2F%2B
.demdex.net/	1970-01-20 02:06:06	Name: demdex Value: 89202911527399109383820841340399940051
.dpm.demdex.net/	1970-01-20 02:06:06	Name: dpm Value: 89202911527399109383820841340399940051
.krxd.net/	1970-01-20 02:06:06	Name: _kuid_ Value: OaB64ja4
.pubmatic.com/	1970-01-19 21:48:20	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-19 23:56:30	Name: KADUSERCOOKIE Value: 0EA03DC6-1D13-4B95-8597-EB178F6A9CE2
.spotxchange.com/	1970-01-20 06:32:34	Name: audience Value: 83c6d5c7-2774-11ec-8b86-1384e0ef0406
.pubmatic.com/	1970-01-19 22:30:06	Name: KRTBCOOKIE_1051 Value: 22884-18072662307738034791
.pubmatic.com/	1970-01-19 22:30:06	Name: PugT Value: 1633614192
.pubmatic.com/	1970-01-19 23:56:30	Name: PUBMDCID Value: 3
.dmxleo.com/	1970-01-20 04:58:54	Name: dmxId Value: 21FCAB549DF181000BHUUBOTEFZQUBRQR
.tribalfusion.com/	1970-01-19 23:56:30	Name: ANON_ID Value: amnwYSy4ZawEBA9MAJW7hSZaP17s5xNA9x7DPW98QambmIvEXuxqsSIZa0Ax7RQyFhZa4Oatl6ZdGfAnMq2hsDC8kg98Zc7kraUHZaUZbUYloGYWq3AZcaAR86MYk3njI0CiP
.mookie1.com/	1970-01-20 07:15:42	Name: id Value: 10813213075337287255
.mookie1.com/	1970-01-20 07:15:42	Name: mdata Value: 1\|10813213075337287255\|1633614193632
.mookie1.com/	1970-01-20 07:15:42	Name: ov Value: 44cc655aec1b8d470e89028c5a8b741a
.quantserve.com/	1970-01-19 23:56:30	Name: d Value: EAoBCQG2JIEA
.quantserve.com/	1970-01-20 07:17:08	Name: mc Value: 615ef971-9b677-bba0b-5e8a7
.casalemedia.com/	1970-01-19 21:48:20	Name: CMST Value: YV75b2Fe+XEA
.innovid.com/	1970-01-19 23:56:30	Name: uuid Value: a2f9d3c3-4469-450f-9ddd-1cbb55ff8c31-20211007 09:43:13

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7822345132, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7822345132, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=1&adContainerId=richmedia_2&rnd=14117484 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_232017382193&jsTagObjCallback=__tagObject_callback_232017382193&num=6&ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&advid=&adsrv=&unit=728x90&isdvvid=&uid=232017382193&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=21&fec=22&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_232017382193, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_232017382193&jsTagObjCallback=__tagObject_callback_232017382193&num=6&ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&advid=&adsrv=&unit=728x90&isdvvid=&uid=232017382193&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=21&fec=22&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_232017382193, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=728x90&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=3&adContainerId=richmedia_4&rnd=14119225, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=728x90&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=3&adContainerId=richmedia_4&rnd=14119225, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://cdn.fastclick.net/js/adcodes/pubcode.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://direct.ad.cpe.dotomi.com/w/get.media?sid=24526&m=6&tp=8&d=j&t=n&vcm_acv=1.1&version=1.12&c=0.6748326228555404&vcm_ifr=0&vcm_xy=1282..407&vcm_vv=true&vcm_vm=false&vcm_pr=http%3A//www.rinkworks.com/brainfood/c/logi.shtml&vcm_tr=&vcm_cr=&mo=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://cdn.fastclick.net/js/adcodes/pubcode.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://direct.ad.cpe.dotomi.com/w/get.media?sid=24526&m=6&tp=8&d=j&t=n&vcm_acv=1.1&version=1.12&c=0.6748326228555404&vcm_ifr=0&vcm_xy=1282..407&vcm_vv=true&vcm_vm=false&vcm_pr=http%3A//www.rinkworks.com/brainfood/c/logi.shtml&vcm_tr=&vcm_cr=&mo=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&dvregion=0&unit=300x250, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fbrainfood%2Fc%2Flogi.shtml&f=0&p=14113205&tKey=ammneM5Tj1nErDYrZbbTH7UyprwSdEWme&a=5&adContainerId=richmedia_6&rnd=14115771 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&dvregion=0&unit=300x250, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&dvregion=0&unit=300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&dvregion=0&unit=300x250(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_548455462985&jsTagObjCallback=__tagObject_callback_548455462985&num=6&ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&advid=&adsrv=&unit=300x250&isdvvid=&uid=548455462985&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=14&brh=2&fwc=0&fcl=107&flt=21&fec=181&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_548455462985, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_548455462985&jsTagObjCallback=__tagObject_callback_548455462985&num=6&ctx=3758893&cmp=26199431&plc=309961231&sid=6596925&advid=&adsrv=&unit=300x250&isdvvid=&uid=548455462985&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=14&brh=2&fwc=0&fcl=107&flt=21&fec=181&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau3C2%3A%3F7%40%405Tau4Tau%3D%408%3A%5DD9E%3E%3D&dvp_exetime=10.80&callbackName=__verify_callback_548455462985, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YV75bzTwiWJEPHqE8PupDQAABH8AAAIB&google_push=AYg5qPKo8_YtNkb9mVral0yqzotTryMF1ufcTfMmVN9xlqZ0S8-Gae2CNxONItTGVgQwB9kGlVZ4B8-hwmnn7HU6Zyoz0Abrf1A&google_gid=CAESEKof5Ujz4blBxfE9EtgquLg&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
ads.dotomi.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ag.innovid.com
beacon.krxd.net
cdn.doubleverify.com
cdn.fastclick.net
cdn3.doubleverify.com
cdnx.tribalfusion.com
cm.g.doubleclick.net
cms.quantserve.com
direct.ad.cpe.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
p4-eg5aqklr6p6l2-vyvq4xizfo45opni-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
rtb.openx.net
rtb0.doubleverify.com
s.tribalfusion.com
simage2.pubmatic.com
static.cloudflareinsights.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
tps20524.doubleverify.com
tps20525.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.rinkworks.com
cm.g.doubleclick.net
104.111.215.191
142.250.184.226
142.250.186.163
172.217.16.130
185.64.189.115
185.64.190.80
185.94.180.125
188.65.124.38
2.16.186.112
2.21.141.232
213.254.244.17
2600:1f18:445b:901:5dde:90cc:842c:e1f
2606:4700::6810:5e41
2606:4700::6812:517
2606:4700::6812:c05
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7000
2a00:1450:4001:800::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:26f0:fe00:48c::4469
2a02:26f0:fe00:4a5::4469
2a02:fa8:8806:12::1400
2a02:fa8:8806:13::1460
3.126.56.137
34.255.169.92
34.98.64.218
34.98.67.61
35.176.195.187
35.186.253.211
50.116.23.195
52.19.186.105
52.59.77.57
69.173.144.138
077652eca3bfdda0282d07f406c24283fc26baee59c9bf9e99c6b7bb045f4891
09052d858b92b95d2609cecee50dcbe39561e1a37632cc44ccfba57ea61a2fd9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edbf61cafea63fbb6ffb84a6478b6da11c5d114cf31fb78b91fba5743c59c61
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
1e9051fc3da4d4338365016172225cc3456c954557693f0fe8e8a9dbec7d74f4
1fdf4fe72c5a7193c96b1c918d20c990ed6afb1f631586e8d9326570fca9b6bd
211c99f43ef93e68c327dcbe3b04118a19dde26b69c99784f061d37d65b5d971
26fd2ddd45d1827edb37595acbb8e0c587206048c245a9f5f32418d3d8c00611
29c68c2bfedd788aa12170e21a7299910122b67df280d9c12820a8f79e9daaa1
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213
4ce868fba539e73043e53a8ad1ae908321b5cee08fca25f3901c7c8e8e910c3d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50c0e3de1240eaf0867b34fdb9ee12e7563d11535f53e2b094473ff3ff8e3b16
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
518cc593cea01e7517d74f0e32180770b94f590dc8acafa967189a9ec3dc3cef
55e0d9358cb60205eff06d2ce1215f07b5945abd16d4fda876519421c850ca46
5bccbbf39f46905558190fd7f8e6aaf9686bd32fef7f243b01f019d1bc95a3ec
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6318c8c91755c560ee5af2aaa0143893d7f750a1727f5fb14c5091523aba85ff
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
6b764ea77ba389516596888847e0fdb73dba3cdaff3b485d5f9b11b641965855
7594a9ae892fe5bd554d9d803b00d5f52c696fe23f2fb67f620ef03386c2e8db
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8aa1e7fc7fb301e1df391599cfc07e9500433edb80fded671e95897decd9b003
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
9e71e564bc9c63b3b2a83d63674bb853eb7ce0452af795ab8ae654a19c70b0a6
9ef236eb25a31efd2630a9df3a26c376d3e40caa488752360024d55967365b11
9f4a0e692e939562d9722d37f761ba37ceb5ca43e2e7f3472ef590f759a7dfd6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aba62b02da764bf5d80948a7d6082fc8c63d2354e5cbda7ccb5072d80b0cb2
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544
b0962ee1e9702df5152dbbf348470954f1547d7b7836c014e0732ea0b70d7bc1
b0aaeb583dee0957016d4389f3a69dff9d2245e544f40ee39a2c97e46a5a45e4
b30a3810492a43368d57705e8feaf2b880f4c0b2a923c8e7159175801cefb0f8
b4a696f13df4efed4618edf2536722657ea5cbe8064eee91c2f47c8b4e37f8c1
b7397d559179d9fad6be17806c2c70ab42f4eaf452b06445e5cee28a245aad6a
be7463b338430ef2b5b11c2f9155479f1f67b0209802436402b5921e1aa83923
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d099d1fec025d8af7d71db732c1b29e203ff4ee6525c0c71c1194cac60957bfa
d4a734d6dbdfc354949ce2f9d9c960583e49097857c04f5144691f4f8c7ef5aa
d4c1cbd4d7e144b97150e19ada57aa51925c2fafa21ea669804da74d2101fd5a
d64fbf9622c2c2ac1f3c95e3c56d062a2ae2d2604af7ca7a6e70d00f5f66e059
d87b74c1c928e3a25011b9a9a00168f2c11c69881625598be3664fbd6e2fde87
dc8a6d207206dd154c14909a114ac96def42b913a4635648a9bf9ff35be125f1
df493d4e66a0bb2be94fb8a3b0ee851f28763f848432e4017dda98f32ff49bae
df98aaf7444a19538c3d6cd3de279510848752986080c3749f28b8a2138c857a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c7c01c5ce917bd8f45e242b7792dc23e1af72b991096da70ee20f7c86f790d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e67c1d29576c6599364dacd1929252c1fa9dec2ec5a01f6eb4cd72e1869bef5f
ea14f456d3a22eef7e2cebdc0a65d8db30842f96b24fa8cc92f227df463d81e4
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
f09d088f55bf8e2591db8bee173993f1ea083dd9a84d48559ae422daf2885fc5
f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38
ff087dab72b63c6e2dbd8c3c061a26480a9f8090be851e849183e77afdc99a42

www.rinkworks.com Open in urlscan Pro 50.116.23.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

62 %HTTPS

49 %IPv6

30 Domains

44 Subdomains

32 IPs

7 Countries

697 kBTransfer

1682 kBSize

31 Cookies

2 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rinkworks.com Open in urlscan Pro
50.116.23.195 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

62 %
HTTPS

49 %
IPv6

30
Domains

44
Subdomains

32
IPs

7
Countries

697 kB
Transfer

1682 kB
Size

31
Cookies

131 HTTP transactions
1 data transactions