urlscan.io logo urlscan.io
SecurityTrails logo

controlc.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: http://controlc.com/c867d83d
Submission: On November 17 via manual from CN — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 12 countries across 103 domains to perform 362 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is controlc.com. The Cisco Umbrella rank of the primary domain is 520585.
This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 25 188.114.97.3 13335 (CLOUDFLAR...)
9 104.18.21.206 13335 (CLOUDFLAR...)
1 142.250.186.72 15169 (GOOGLE)
13 34.160.152.31 396982 (GOOGLE-CL...)
5 34.110.189.112 396982 (GOOGLE-CL...)
1 216.239.34.36 15169 (GOOGLE)
1 74.125.206.156 15169 (GOOGLE)
1 172.217.16.131 15169 (GOOGLE)
1 18.66.112.44 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
8 216.58.206.34 15169 (GOOGLE)
1 172.64.144.166 13335 (CLOUDFLAR...)
1 1 172.67.74.207 13335 (CLOUDFLAR...)
1 172.67.41.60 13335 (CLOUDFLAR...)
1 104.18.43.90 13335 (CLOUDFLAR...)
2 178.250.1.11 44788 (ASN-CRITE...)
1 172.67.36.110 13335 (CLOUDFLAR...)
4 172.67.23.234 13335 (CLOUDFLAR...)
8 3.33.220.150 16509 (AMAZON-02)
5 7 91.228.74.159 16509 (AMAZON-02)
28 142.250.186.162 15169 (GOOGLE)
3 142.250.184.225 15169 (GOOGLE)
9 34.107.140.113 396982 (GOOGLE-CL...)
3 9 185.89.210.122 29990 (ASN-APPNEX)
2 3.67.63.57 16509 (AMAZON-02)
2 213.19.162.43 26667 (RUBICONPR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 4 35.186.253.211 15169 (GOOGLE)
6 54.74.177.179 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.2.70 13335 (CLOUDFLAR...)
2 142.250.186.102 15169 (GOOGLE)
2 2 63.251.14.3 14744 (INTERNAP-...)
1 11 216.52.2.30 32475 (SINGLEHOP...)
14 216.58.206.33 15169 (GOOGLE)
2 216.58.212.170 15169 (GOOGLE)
3 184.30.17.67 16625 (AKAMAI-AS)
4 172.217.16.130 15169 (GOOGLE)
1 2 18.66.97.81 16509 (AMAZON-02)
1 213.227.153.223 60781 (LEASEWEB-...)
1 104.22.4.69 13335 (CLOUDFLAR...)
2 142.250.185.228 15169 (GOOGLE)
1 1 184.30.24.22 16625 (AKAMAI-AS)
8 9 69.173.144.165 26667 (RUBICONPR...)
1 2 82.145.213.8 39832 (NO-OPERA)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 6 52.94.222.140 16509 (AMAZON-02)
18 32 142.250.185.226 15169 (GOOGLE)
3 3 3.65.116.7 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
3 184.30.16.195 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
4 11 13.248.245.213 16509 (AMAZON-02)
4 142.250.186.66 15169 (GOOGLE)
9 11 18.195.61.190 16509 (AMAZON-02)
1 18.192.135.64 16509 (AMAZON-02)
1 178.250.1.39 44788 (ASN-CRITE...)
1 16.171.99.149 16509 (AMAZON-02)
1 185.29.132.245 30419 (MEDIAMATH...)
2 178.250.1.9 44788 (ASN-CRITE...)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 12 198.47.127.205 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 54.165.29.149 14618 (AMAZON-AES)
7 7 52.18.217.211 16509 (AMAZON-02)
1 1 185.86.138.146 201081 (SMARTADSE...)
1 1 35.214.189.64 15169 (GOOGLE)
2 3 151.101.2.49 54113 (FASTLY)
2 72.251.241.206 32475 (SINGLEHOP...)
1 1 64.202.112.223 22075 (AS-OUTBRAIN)
3 3 193.0.160.131 54312 (ROCKETFUEL)
2 2 213.155.156.167 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
3 4 34.250.99.225 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.50.95.14 16509 (AMAZON-02)
5 6 37.157.2.229 198622 (ADFORM)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
4 4 3.75.62.37 16509 (AMAZON-02)
1 4 198.47.127.20 3257 (GTT-BACKB...)
2 5 52.19.114.225 16509 (AMAZON-02)
2 2 98.98.134.243 21859 (ZEN-ECN)
6 6 89.207.16.140 41041 (VCLK-EU-SE)
2 2 46.228.164.11 56396 (AMOBEE)
1 1 188.166.17.21 14061 (DIGITALOC...)
2 13.107.42.14 8068 (MICROSOFT...)
2 2 35.158.43.241 16509 (AMAZON-02)
2 2 172.64.151.101 13335 (CLOUDFLAR...)
3 10 104.18.36.155 13335 (CLOUDFLAR...)
1 1 193.135.9.127 48314 (IP-PROJECTS)
1 1 193.135.9.135 48314 (IP-PROJECTS)
13 172.217.18.6 15169 (GOOGLE)
3 88.99.219.174 24940 (HETZNER-AS)
3 3 54.164.160.224 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (AMOBEE)
2 2 13.32.27.28 16509 (AMAZON-02)
2 3 35.244.174.68 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 151.101.129.108 54113 (FASTLY)
1 13 35.244.159.8 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
2 2 185.64.190.79 62713 (AS-PUBMATIC)
1 34.102.253.54 396982 (GOOGLE-CL...)
1 5 138.201.63.150 24940 (HETZNER-AS)
2 3.65.142.57 16509 (AMAZON-02)
2 142.250.181.226 15169 (GOOGLE)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 13.32.27.108 16509 (AMAZON-02)
2 3 23.56.205.163 16625 (AKAMAI-AS)
1 104.18.186.224 13335 (CLOUDFLAR...)
1 35.157.49.61 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 1 89.149.192.197 60781 (LEASEWEB-...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 3 108.138.1.25 16509 (AMAZON-02)
7 10 69.173.144.139 26667 (RUBICONPR...)
2 209.54.182.161 16509 (AMAZON-02)
1 23.48.23.8 20940 (AKAMAI-ASN1)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 141.94.242.204 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 52.49.140.195 16509 (AMAZON-02)
4 4 46.228.174.117 56396 (AMOBEE)
1 104.22.24.87 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
4 4 141.94.171.212 16276 (OVH)
1 69.192.160.219 16625 (AKAMAI-AS)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 104.19.241.24 13335 (CLOUDFLAR...)
1 67.202.105.23 32748 (STEADFAST)
2 142.250.181.227 15169 (GOOGLE)
1 108.138.9.235 16509 (AMAZON-02)
1 108.128.8.255 16509 (AMAZON-02)
3 78.140.185.32 35415 (WEBZILLA)
1 65.9.66.116 16509 (AMAZON-02)
3 142.250.186.106 15169 (GOOGLE)
362 106
25    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
controlc.com
9    104.18.21.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
13    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
5    34.110.189.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.189.110.34.bc.googleusercontent.com
flutteringfireman.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net
stats.g.doubleclick.net
1    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
www.google.ch
1    18.66.112.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-44.fra56.r.cloudfront.net
static.adsafeprotected.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
8    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
securepubads.g.doubleclick.net
1    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    172.67.74.207 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
4    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
8    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
28    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
9    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
9    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    3.67.63.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-63-57.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    213.19.162.43 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    54.74.177.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
2    63.251.14.3 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 3.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
11    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
14    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
tpc.googlesyndication.com
2    216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net
fonts.googleapis.com
3    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googletagservices.com
2    18.66.97.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-81.fra56.r.cloudfront.net
rules.quantcount.com
1    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1t-eudc1.zemanta.com
1    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
hbx.media.net
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
token.rubiconproject.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
32    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
3    3.65.116.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-116-7.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
11    18.195.61.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
x.bidswitch.net
1    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
media.grid.bidswitch.net
1    178.250.1.39 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
grid-mercury.criteo.com
1    16.171.99.149 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
12    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    54.165.29.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-29-149.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    52.18.217.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-217-211.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.138.146 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    35.214.189.64 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 64.189.214.35.bc.googleusercontent.com
csync.loopme.me
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.50.95.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-95-14.eu-west-1.compute.amazonaws.com
a.audrte.com
6    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
5    52.19.114.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    35.158.43.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-43-241.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    193.135.9.127 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    193.135.9.135 (Germany)

ASN48314 (IP-PROJECTS, DE)
cm.adsafety.net
13    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
s0.2mdn.net
3    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal9000.redintelligence.net
3    54.164.160.224 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-160-224.compute-1.amazonaws.com
i.liadm.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    13.32.27.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
5    138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
2    3.65.142.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
cdn.springserve.com
3    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
1    104.18.186.224 (None, )

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    35.157.49.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-49-61.eu-central-1.compute.amazonaws.com
t23.intelliad.de
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    89.149.192.197 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    23.48.23.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-8.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    52.49.140.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
sync-pm.ads.yieldmo.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.19.241.24 (None, )

ASN13335 (CLOUDFLARENET, US)
ct.conrad.ch
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    108.128.8.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-8-255.eu-west-1.compute.amazonaws.com
vid.springserve.com
3    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
1    65.9.66.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-116.fra56.r.cloudfront.net
vpaid.springserve.com
3    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
imasdk.googleapis.com
Apex Domain
Subdomains		 Transfer
49 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
pubads.g.doubleclick.net Failed
283 KB
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
268 KB
35 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
43 KB
25 controlc.com
controlc.com — Cisco Umbrella Rank: 520585
189 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
29 KB
22 pub.network
a.pub.network — Cisco Umbrella Rank: 4389
d.pub.network — Cisco Umbrella Rank: 4659
c.pub.network — Cisco Umbrella Rank: 4367
411 KB
17 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
freestar-d.openx.net — Cisco Umbrella Rank: 10102
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
4 KB
14 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 29766
x.bidswitch.net — Cisco Umbrella Rank: 351
media.grid.bidswitch.net — Cisco Umbrella Rank: 2611
14 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
268 KB
13 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
10 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
9 KB
12 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
74 KB
11 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
5 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
35 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
4 KB
9 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1873
2 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90008.redintelligence.net — Cisco Umbrella Rank: 263856
46 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 8174
4 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
cms.quantserve.com — Cisco Umbrella Rank: 764
pixel.quantserve.com — Cisco Umbrella Rank: 964
11 KB
6 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
3 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
2 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net — Cisco Umbrella Rank: 599
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
386 KB
5 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
60 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
grid-mercury.criteo.com — Cisco Umbrella Rank: 3312
dis.criteo.com — Cisco Umbrella Rank: 597
1 KB
5 flutteringfireman.com
flutteringfireman.com — Cisco Umbrella Rank: 104411
25 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
257 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
94 KB
3 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 17174
496 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
2 KB
3 springserve.com
cdn.springserve.com — Cisco Umbrella Rank: 26714
vid.springserve.com — Cisco Umbrella Rank: 7852
vpaid.springserve.com — Cisco Umbrella Rank: 15586
193 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
910 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
14 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 conrad.ch
www.conrad.ch
ct.conrad.ch
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5328
745 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
791 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
565 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
972 B
2 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 22764
b1sync.zemanta.com — Cisco Umbrella Rank: 580
530 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481
114 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 5481
2 KB
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
22 KB
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921
218 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
455 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
551 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 intelliad.de
t23.intelliad.de — Cisco Umbrella Rank: 143572
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
260 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
422 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
823 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
360 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
443 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1459
244 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1337
325 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5424
447 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
481 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 30247
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
79 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
362 103
Domain Requested by
32 cm.g.doubleclick.net 18 redirects ce.lijit.com
eb2.3lift.com
googleads.g.doubleclick.net
ads.yieldmo.com
freestar-d.openx.net
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
28 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
controlc.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
25 controlc.com 2 redirects controlc.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
controlc.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
vpaid.springserve.com
13 s0.2mdn.net controlc.com
s0.2mdn.net
imasdk.googleapis.com
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
12 c.pub.network a.pub.network
11 eb2.3lift.com 4 redirects a.pub.network
eb2.3lift.com
11 ce.lijit.com 1 redirects a.pub.network
ce.lijit.com
ads.pubmatic.com
10 pixel.rubiconproject.com 7 redirects
9 us-u.openx.net freestar-d.openx.net
u.openx.net
9 image2.pubmatic.com ads.pubmatic.com
9 x.bidswitch.net 7 redirects controlc.com
9 ib.adnxs.com 3 redirects a.pub.network
eb2.3lift.com
acdn.adnxs.com
9 s2s.t13.io a.pub.network
ce.lijit.com
eb2.3lift.com
ssum-sec.casalemedia.com
u.openx.net
9 a.pub.network controlc.com
a.pub.network
securepubads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 match.adsrvr.org a.pub.network
ads.pubmatic.com
eb2.3lift.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
freestar-d.openx.net
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
8 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
controlc.com
www.googletagservices.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 match.prod.bidr.io 7 redirects
6 aax-eu.amazon-adsystem.com 2 redirects ce.lijit.com
ads.pubmatic.com
freestar-d.openx.net
6 ads.yieldmo.com a.pub.network
ads.yieldmo.com
5 hal90008.redintelligence.net 1 redirects df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
hal90008.redintelligence.net
5 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
freestar-d.openx.net
5 c1.adform.net 4 redirects ads.pubmatic.com
5 cms.quantserve.com 5 redirects
5 flutteringfireman.com a.pub.network
flutteringfireman.com
4 pixel.onaudience.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 googleads.g.doubleclick.net controlc.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 www.googletagservices.com controlc.com
securepubads.g.doubleclick.net
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
4 rtb.openx.net 1 redirects a.pub.network
freestar-d.openx.net
4 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
3 imasdk.googleapis.com controlc.com
imasdk.googleapis.com
3 serving.stat-rock.com
3 sync.1rx.io 3 redirects
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 www.awin1.com 2 redirects hal90008.redintelligence.net
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 i.liadm.com 3 redirects
3 hal9000.redintelligence.net df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
hal90008.redintelligence.net
3 ssum-sec.casalemedia.com 1 redirects a.pub.network
ssum-sec.casalemedia.com
3 p.rfihub.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 ads.pubmatic.com ce.lijit.com
ads.pubmatic.com
a.pub.network
3 bh.contextweb.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 creativecdn.com 3 redirects
3 widgets.outbrain.com controlc.com
widgets.outbrain.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
3 api.btloader.com freestar-io.videoplayerhub.com
3 df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 capi.connatix.com 1 redirects
2 pixel.tapad.com 1 redirects
2 s.amazon-adsystem.com
2 openx2-match.dotomi.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 googleads4.g.doubleclick.net controlc.com
2 match.sharethrough.com
2 image8.pubmatic.com 2 redirects
2 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
2 freestar-d.openx.net 1 redirects a.pub.network
2 casale-match.dotomi.com 2 redirects
2 live.rezync.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 ad.turn.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 sync.srv.stackadapt.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
eb2.3lift.com
2 aws-fr-sync.bidswitch.net 2 redirects
2 t.adx.opera.com 1 redirects ce.lijit.com
2 pixel-eu.rubiconproject.com 2 redirects
2 www.google.com tpc.googlesyndication.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
2 rules.quantcount.com 1 redirects
2 fonts.googleapis.com df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
hal90008.redintelligence.net
2 ap.lijit.com 2 redirects
2 ad.doubleclick.net df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
2 ad-delivery.net
2 hbopenbid.pubmatic.com a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 grid.bidswitch.net a.pub.network
2 gum.criteo.com a.pub.network
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
1 vpaid.springserve.com cdn.springserve.com
1 vid.springserve.com cdn.springserve.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 ssc-cms.33across.com a.pub.network
1 ct.conrad.ch hal90008.redintelligence.net
1 cdnjs.cloudflare.com s0.2mdn.net
1 stags.bluekai.com
1 mwzeom.zeotap.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync-pm.ads.yieldmo.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 hb.yahoo.net
1 trace.mediago.io 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com u.openx.net
1 t23.intelliad.de df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
1 www.conrad.ch hal90008.redintelligence.net
1 cdn.springserve.com a.pub.network
1 u.openx.net a.pub.network
1 eu-u.openx.net freestar-d.openx.net
1 ads.playground.xyz ads.yieldmo.com
1 acdn.adnxs.com a.pub.network
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 d.turn.com 1 redirects
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 dmp.adform.net 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 b1sync.zemanta.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 pixel.quantserve.com
1 protected-by.clarium.io controlc.com
1 grid-mercury.criteo.com controlc.com
1 media.grid.bidswitch.net controlc.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 hbx.media.net 1 redirects
1 a.ad.gt cdn.hadronid.net
1 b1t-eudc1.zemanta.com df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
1 secure.quantserve.com a.pub.network
1 cdn.hadronid.net a.pub.network
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 static.adsafeprotected.com controlc.com
1 www.google.ch controlc.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 d.pub.network controlc.com
1 www.googletagmanager.com controlc.com
0 pubads.g.doubleclick.net Failed imasdk.googleapis.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync-dmp.aura-dsp.com Failed df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
362 161

This site contains links to these domains. Also see Links.

Domain
ads.freestar.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
d.pub.network
GTS CA 1D4		 2023-10-07 -
2024-01-05		 3 months crt.sh
flutteringfireman.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-09-21 -
2023-12-20		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
c.pub.network
GTS CA 1D4		 2023-10-06 -
2024-01-04		 3 months crt.sh
s2s.t13.io
GTS CA 1D4		 2023-11-12 -
2024-02-10		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
media.grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-08-11		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-29		 a year crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2023-03-17 -
2024-03-16		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
serving.stat-rock.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh

This page contains 64 frames:

Primary Page: http://controlc.com/c867d83d
Frame ID: C298E82DDFE76045773068FAFC64F797
Requests: 95 HTTP requests in this frame

Frame: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Frame ID: C12728FB60FB61ABFCD57F6A8EF3644C
Requests: 7 HTTP requests in this frame

Frame: http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: B34A48CFF637E42030A0FF9F6130512D
Requests: 2 HTTP requests in this frame

Frame: http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: D09EDCFE31E39CEBA1788E0D717293F6
Requests: 2 HTTP requests in this frame

Frame: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 742AE23833F0635F76FE710AF3A7BF18
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Frame ID: 8C29F8F0E144C10C42AFAF112EF31C5F
Requests: 11 HTTP requests in this frame

Frame: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 91D35AB80563CB681D568E028ECE237D
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: 02738628B0216867D3BF54B27600CDDE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89B52BE18A095F31478A7D9EF4E0448D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F0C042702868A33779E2A89BF9A303D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 3A29E91AB1E022B337BDC3A5FB7B2431
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh9LUoAwbdqCqI5RBZVta6B6MsgtECfO7fD6lovJD0ttbuIANkAo-m3y-mBA1WeLbulgosXKFhksmuaiAfoosu9GLEVzX7pegzqKNppbxys4w8EW6Mx6SOAn4OlT4oqa1bINQI5XRIe3Mef-onVWhnxstHFDFDlTBzxMhtu2VaVoI_YlQFS9bwfpDsFFd48F4oMp9BxdAVYyT3XJztcIPgiFJlHoKL_AtDzcFRywsiITYuQZrj4PcyFya-OoMzcrLnyv9Dth4kOaNkkOR4aM93kFDK_e-vdROK0HjxHygueOpMEM4N6vWa-pcjxEwAZu5TCP0lroAUl80mqCQR7NXT7nvmtm99WII2ecBJ_Jjq5rHYxw&sai=AMfl-YSscwKxC2VTlIfJ8xkmFENOCsJgt30Ws7AxTTz8yo8rgZRrZq3tsPlgjZ5OPb3IaW0ZOHgemBDcvLKkBLYpxz3vB1nJ5fYnUpYgpKWxa_zGTD0YLG1DSo3QkiGqGA&sig=Cg0ArKJSzKBwGNeFjGiwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F78DF664FE0C9631508F7A139863CF56
Requests: 25 HTTP requests in this frame

Frame: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D6C8BE8ACE0840AA613BABCFE87219D
Requests: 19 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 419F6B8772D8255B998AF41B4A4AA965
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUInmTJZimVZisUCgFJlYhhdsf5zmWPDHdEyu1_hpkfwHUhcHoC39Ck7XbO_Pb5lRpJ1xPFRPWLixpOngel6aXjb1zZeAbPHcNVNMQmINpsvGNHiLY
Frame ID: BE189B8485F0A3730FEB6F3C4FDE0A30
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUTPYN3xKEJ8UXokgTn-vAyFUichf5umopHA4tnMJgEUDVVp4kS-VwPHmyiCJw7pUmP0uZbldQGJ4HfNboz5SRoKirgtQ
Frame ID: FE36B14C2B34832C45E578AE16D3B2BC
Requests: 4 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: F049058BF590F521C4860C4CA8462758
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B2F705DE9A0D61C2406730FB85960392
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent=
Frame ID: AD5C78A093EF7800E5AB976B2787EE3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
Frame ID: 28683A551C802D0A1453DD9046417C3E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6445747934427449614&gdpr=0&gdpr_consent=
Frame ID: E7454F3AFA7143D83D2F5438452375E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302279134389139599&gdpr=0&gdpr_consent=
Frame ID: 15AD972DFE8CBEB7BCD27B7FB775B24D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&gdpr=0&gdpr_consent=
Frame ID: 2FD8FED7E150ABB504045723639B7C2A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: C4111829D888ABE655D6A681F49A670E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABtSE7KrdAAABU8cM6m8w&gdpr=0&gdpr_consent=
Frame ID: B56EDFFCCFC65DB87A210C623123148B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb95334c93fbf4649b8c05728128875c9
Frame ID: CAD02F994DD2D7449604AC9F719B09B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D8A562A3D36D04BC42E49F713AFB6C8A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVboLwAAOeqJBQBU
Frame ID: B36DEDDF9BB0A4BF736BA41F178B3A1B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 506E2A1BE3951C1164ECF71E31332EC0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 887DDD71D9524A4B59D2348526D64546
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455422232211553
Frame ID: 10B977A9881B39E8194774D247195D00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377349369375825056
Frame ID: 1F05A734A205D0A8A49ACD63F93DA1CB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B0AE353D4DAB1D304AD5D56C69AA1254
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B16E12772E6FCE5F0F8C682FF0300A9D
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 0A790B05432694FFE5BA274F7C91D5C6
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=0D6E816A-664C-47F1-814A-17779A42A949
Frame ID: 67D0CF9C95CB45C6964F47E1B42E36B6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Frame ID: A6665FE72F93CABB0D2BD9083F16E842
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 634C3ECDC28B6AD1BC7CC2CFD9256254
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BF58F19EF49FA72CD7562DFAF45CD16F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4B0A125BE3265103E59F180BCED5CAE9
Requests: 1 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd?cc=1
Frame ID: 93664C294331C34281F2CB413A498FAF
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 35DDD00EEF1A51841BA2B1DA97147DC0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DAE8D9531E2B06322119487FD204868A
Requests: 19 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 2EB5D9B9A6A74796BE83DD98A2A1C446
Requests: 6 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B8182C321AAAD7A152371BB84B6AC468
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Frame ID: AC2E84A18136A13C545372EF02E6FFE4
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: DC6B159A4389DDB2E13301C4F83CBB55
Requests: 8 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1700194353_886b62d0-84ff-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Frame ID: 385670C80380CA863F8FB108E0FF311B
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=89475100008044604438466012511008&pv=1
Frame ID: AB01A4433AE6AE41BDC95069A548168B
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Frame ID: 978A895D9065BC111C3CA691A58C75E8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5862C3B644EBC4576C3768D626B38188
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
Frame ID: 85E5135234561B8DFC8E51EFBBFA51C4
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 49CD5938D6BF150FA17F9358E8314DA0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B77368A46E095D11D1E9B13E466D5948
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMaXjSQggnXWahnU&gdpr=0&gdpr_consent=
Frame ID: 2CB62C1D13D1EFA526B64FE834E53F21
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 33652C453A02B4FE0B01F5090704AC66
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
Frame ID: 441C0C4C304F27EB9F846C099CA44AD3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9e1da839-44d2-4792-838f-455eac3facfc-003
Frame ID: A9602EE09F088F53D2B21E09E1A4C624
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=0D6E816A-664C-47F1-814A-17779A42A949
Frame ID: FCCE60FDC7485E453C1D9CA4AB3440F8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Frame ID: A250F540182BDD052D564A56CAB2E80C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 7DEC7F976B64DB19836506D7F6712DB5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/15184186,23008567153/freestar_springserve_adx_video_outstream_controlc_6234%26description_url%3Dhttp%253A%252F%252Fcontrolc.com%252Fc867d83d%26tfcd%3D%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1700194355463%26nofb%3D1%26ord%3D1700194355463%26channel%3Dvastadp
Frame ID: B07AE9B3746D37643D4757D689591E85
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 58D4E2DE8D8BA6EE84C851C8C562AF2E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7D56EB049A76A19B12693381D1C8825E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

c867d83d - Finally, in a subcutaneous tumor design,...

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

362
Requests

68 %
HTTPS

0 %
IPv6

103
Domains

161
Subdomains

106
IPs

12
Countries

2981 kB
Transfer

8468 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 24
  • http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 38
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 80
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Request Chain 95
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js HTTP 301
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Request Chain 103
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000EEA
Request Chain 106
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Request Chain 108
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 109
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 110
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CAq8oVsHu_MTXO3xBwmkoAgI66MTDO-mDgmQSgXb
Request Chain 111
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHExOHVUWkg3aExvZ1lWWFJPeVVDeGdC&gdpr=0
Request Chain 112
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=031db250-f8fe-4eaf-828e-073140af5da2
Request Chain 113
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Request Chain 114
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=wRap5GlMEgyp&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 123
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 128
  • https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36&google_hm=NjE4YTllYjMtNWJhOC00NjkxLThjNTAtNTVkZDQyZjk0YTM2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC5gCgkWzI0wpBqtp6EPdgM&google_cver=1&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36
Request Chain 146
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
Request Chain 147
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6445747934427449614&gdpr=0&gdpr_consent=
Request Chain 148
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302279134389139599&gdpr=0&gdpr_consent=
Request Chain 149
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&gdpr=0&gdpr_consent=
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=031db250-f8fe-4eaf-828e-073140af5da2&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 151
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdFNFN0tyZEFBQUJVOGNNNm04dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABtSE7KrdAAABU8cM6m8w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABtSE7KrdAAABU8cM6m8w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABtSE7KrdAAABU8cM6m8w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6168569590249815123&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABtSE7KrdAAABU8cM6m8w&gdpr=0&gdpr_consent=
Request Chain 152
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb95334c93fbf4649b8c05728128875c9
Request Chain 153
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 154
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVboLwAAOeqJBQBU
Request Chain 156
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 157
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455422232211553
Request Chain 158
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377349369375825056
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DW6BamZMR_GBShd3mkKpSQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 164
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=&ct=y
Request Chain 165
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810828802
Request Chain 166
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0D6E816A-664C-47F1-814A-17779A42A949 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mzkza0o1LS1Gai1RWE92WE9CLXZNd2lIUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5391045297437159480&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEQ2RTgxNkEtNjY0Qy00N0YxLTgxNEEtMTc3NzlBNDJBOTQ5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGErtJIPOdJWYpjfODEQxAA&google_cver=1
Request Chain 170
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5391045297437159480
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iewQjvJE2uWdDRZw8nPDm5sWQZpMrZY-~A&gdpr=0
Request Chain 174
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348&gdpr=0&gdpr_consent=
Request Chain 175
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1724224eb72918fd&is_secure=true&networkId=17100&version=1&nuid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH2-1_9rTdYQN9elkZAAAAAAA&expiration=1700280751&nuid=0D6E816A-664C-47F1-814A-17779A42A949&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 176
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3659974528374296936&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 177
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dfa634a4-55db-4c11-89c5-1cec3e9a3de0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 179
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpM9woxovzRHiyQrdOf3cM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 181
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D
Request Chain 183
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3702764178380423787739?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-uO.IsU5E2oRLVKmm9RzGikVxkJoC.rrVPC68ntOVSQ--~A&dongle=0883
Request Chain 184
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3702764178380423787739&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=dec256e1-9d52-4e49-bba6-c7248d7b9d8b&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=618a9eb3-5ba8-4691-8c50-55dd42f94a36&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 186
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6445747934427449614&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&C=1
Request Chain 197
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVboL2W604ow4w.0eyPOEgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEJxfFr4njTraRWOYso3Ulaw&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJxfFr4njTraRWOYso3Ulaw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=79d2b1fa57fcf812964e2c2b768a8c3a&uid=79d2b1fa57fcf812964e2c2b768a8c3a&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 202
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Request Chain 212
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVboL2W604ow4w.0eyPOEgAA%265192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVboL2W604ow4w.0eyPOEgAA%265192&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6172120c6aba4df19357838d57b80eb5 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3659974528374296936 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=6172120c-6aba-4df1-9357-838d57b80eb5 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%3A1700194354.4357219&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%253A1700194354.4357219%26_%3D1700194354.4382672&cb=1700194354.4383051 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455422232211553&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%253A1700194354.4357219%26_%3D1700194354.4382672 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%3A1700194354.4357219&_=1700194354.4382672 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcxNDI3YWQ3ZS0yOTcxLTRlOGMtYjhiNy1kODRjOWY2YzRjODc6MTcwMDE5NDM1NC40MzU3MjE5EAAaDQiz0NuqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDqE76Ixi3bwwX4E7z4wrrc&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVboL2W604ow4w-0eyPOEgAAFEgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDynfTpH7Db6cL02RUrZzD8&google_cver=1
Request Chain 215
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVboL2W604ow4w.0eyPOEgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
Request Chain 217
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715919152&external_user_id=10c2b80d-f892-4c5c-baaa-020121cb8029
Request Chain 218
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=31e1c7f33a11848&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIYBaz_8rGkAMuxs1sAAAAAAA&expiration=1700280752&is_secure=true
Request Chain 226
  • https://freestar-d.openx.net/w/1.0/pd HTTP 302
  • https://freestar-d.openx.net/w/1.0/pd?cc=1
Request Chain 230
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=IKf2NXOq8Wc78adlL6TuNCCloTc7oaUyJqSbKDd8
Request Chain 234
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP23TFKZ-1F-2JRM
Request Chain 235
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=6445747934427449614&pn_id=an
Request Chain 236
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=wRap5GlMEgyp&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 237
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 238
  • https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 248
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2UWo9sBOjdOqTlqn3I6BJA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 250
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=618a9eb3-5ba8-4691-8c50-55dd42f94a36 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=618a9eb3-5ba8-4691-8c50-55dd42f94a36 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d61d914-2525-40b6-aba1-9efa7482174e&user_group=1&ssp=openx&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=&gdpr_consent=&us_privacy=
Request Chain 251
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=openx&gdpr=0
Request Chain 252
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rOvogv_m79C3vbnSo-jwg6zpv4C37buFqujfG9sL
Request Chain 253
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5391045297437159480
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkt6ZdgPluWPFIAEujYTYs&google_cver=1
Request Chain 259
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir= HTTP 302
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=MyXRU2Ao1gEoc4ADPCbJUjMnhlEoI4JUNSbKGTAl
Request Chain 265
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=89475100008044604438466012511008&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700194353_886b62d0-84ff-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Request Chain 272
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455422232211553
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVboLwAAOeqJBQBU
Request Chain 275
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AABtSE7KrdAAABU8cM6m8w&id=537125688
Request Chain 276
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=48e13e6bd8d18c1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIY6Qykz-BkQMKq3HSAAAAAAA&expiration=1700280753&nuid={OX_USER_ID}&is_secure=true
Request Chain 277
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc
Request Chain 279
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIoZVjZB4uz0PwbECvukjik&google_cver=1&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_boObR4gBdaw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DsshPnssR2UiYS3UO8I28w&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_boObR4gBdaw
Request Chain 280
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEAyLUmxLpMTStciMzFALi0o&google_cver=1&google_push=AXcoOmRAYoDibsVW8Jomz9nXw70ZUo2PrXzZCSB5j0erWqrwGG6LvBhVua6F25FsIk7umWCUxmRXWsidkJepLHrtHngLo_IaiYV- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853313337714&us_privacy=1---
Request Chain 281
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAuhk3YmrDyrTL35Oo8dmhI&google_cver=1&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlrKB-LB4t0JAJusP0p_8Qku3P-3m5dLLzri1dSIReXErbK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlrKB-LB4t0JAJusP0p_8Qku3P-3m5dLLzri1dSIReXErbK
Request Chain 282
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPdV6qgMOcTIwm62bpKvq5Q&google_cver=1&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9X4HIUPAvMcdxcHweh9aEmT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9X4HIUPAvMcdxcHweh9aEmT&google_hm=NjE2ODU2OTU5MDI0OTgxNTEyMw%3D%3D
Request Chain 284
  • https://trace.mediago.io/cs/google?google_gid=CAESEL5H3hn08CRRB2GMcPibmeY&google_cver=1&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8qY94nw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8qY94nw&google_hm=f34e96994d774bcc181fz400lp23tjzg
Request Chain 287
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://c.amazon-adsystem.com/aax2/apstag.js
Request Chain 289
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rJ7sZt4nQjiL5oCDfOosGg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rJ7sZt4nQjiL5oCDfOosGg
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELL46YOPYSEJF1U2PFAEF-0&google_cver=1
Request Chain 291
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP23TFKZ-1F-2JRM
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMyYTgwNTE5YTY3OGFlMWUzY2Q3MWI3OWI4YjhlMGJlOTRmZTk0Yg
Request Chain 294
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAyM1RGS1otMUYtMkpSTQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKqIuJIUTIj-VE1QDDORQP8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAyM1RGS1otMUYtMkpSTQ==&google_push=
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP23TFKZ-1F-2JRM&ex=d-rubiconproject.com&status=ok
Request Chain 297
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9rV_NxpzbcmTruqLcutZgcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Xr0.ahhE2oJ6u2mvWwYrQVrNmbooW7Rw9NjtDQ--~A
Request Chain 298
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABtSE7KrdAAABU8cM6m8w&expires=30
Request Chain 299
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP23TFKZ-1F-2JRM&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP23TFKZ-1F-2JRM&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1tQkRLUGtORTJ1RS43dnJ5emtNVlpGWGVfck12bDZ4X35B&ovsid=LP23TFKZ-1F-2JRM&dpid=58160
Request Chain 300
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP23TFKZ-1F-2JRM
Request Chain 301
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM
Request Chain 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP23TFKZ-1F-2JRM
Request Chain 303
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM
Request Chain 307
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 308
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMaXjSQggnXWahnU%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3cb0bf8ec8f3d1d92b360e9d009ed1fa&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhMaXjSQggnXWahnU%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMaXjSQggnXWahnU&gdpr=0&gdpr_consent=
Request Chain 310
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C678A7A34944497693A6916DA9EC23EB&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0D6E816A-664C-47F1-814A-17779A42A949%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
Request Chain 311
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1700194354368 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6597316601 HTTP 302
  • https://sync.1rx.io/usersync/turn/3659974528374296936?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9e1da839-44d2-4792-838f-455eac3facfc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9e1da839-44d2-4792-838f-455eac3facfc-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9e1da839-44d2-4792-838f-455eac3facfc-003
Request Chain 314
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 315
  • https://pixel.onaudience.com/?partner=214&mapped=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bf02c8daae240be6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3cb0bf8ec8f3d1d92b360e9d009ed1fa&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5391045297437159480&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=d8216fb57777d2e5
Request Chain 330
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=89475100008044604438466012511008&pv=0 HTTP 302
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png

362 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request c867d83d
controlc.com/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.38
Resource Hash
f7f6c3dab1c81ddde75da0debbb56f0694e6afbff0ec4762d8d37df89f8b0a13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8275229a59fd0e9f-MXP
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 04:12:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ayb%2FLzrxCzcNASBKNbsQmgvSu8thLSHEyFfYE30EgTdXwMUcKwD%2BRH2t%2B6BCOJ%2BJV8Tyrx%2BID5Z2NwImB7NATJ7J7UPf5liqHKq2Yssjw9nb9D2ukYQa9%2Fd0xADYH6U%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.38
alt-svc
h3=":443"; ma=86400
global.css
controlc.com/public/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/global.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=15109
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-3b05"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7TjS20TEd479czkzzs35%2BkUOO9a2VZIRq9P9upO%2BlivaN%2BocGkElBur%2Fio4oMXBjyvmYmIId5XXlFHUGOTGg7l6bSy4CwJ7LCYkavXZRE31FAr5hV%2BO%2FSSZki4QwMA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
8275229b0a290e9f-MXP
bootstrap.css
controlc.com/public/css/ 		80 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/bootstrap.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1148
Cf-Polished
origSize=99036
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-182dc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgLcHkUzVDmBTsd0oUz0nLZDcNStsv2%2FXbrpeJWsLVS%2BULBa7PRf33F9UEbQTPSS%2BVjvrIdgD2eljiT14SS4U%2BsM3B8tE8xOXcL3dO6oc4qVKbQj81lqPgORWHtD0SI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
8275229b6d2cbab7-MXP
bootstrap-responsive.css
controlc.com/public/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/bootstrap-responsive.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=14308
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-37e4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWrEfeLks2WmG90jePcqpvzDFOqy2z6ivXEgn2BrAHmvjbaTzDR%2Fqd6aFKObpLQmp%2FAE6s9I5fgXSIIpjfzgara4RJknlv0wYIDDQ4rl9E3H4pU404TI9R0oZMwJ%2BME%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
8275229b7a5f0e9f-MXP
view.css
controlc.com/public/css/ 		806 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/view.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04011cfc7eda18e8567f9c27899514e871cf823d1101bbedb9f270767d98f14e

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=1010
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 23 Oct 2023 20:46:50 GMT
Server
cloudflare
ETag
W/"6536dbba-3f2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK3SYz9rRF%2B5PsvgW9vdxe206siOnE%2Ba42d%2FqsGFwI2IZzGlYyHu8uAhYLeYwEkqw17yX03mAh705eEt%2FlNWsgwSuW0WdujEVdRke%2BbJjuwYXrsJxLurE1lraUn1nYo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
8275229bad3ebab7-MXP
jquery.js
controlc.com/public/js/ 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/jquery.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1148
Cf-Polished
origSize=153534
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-257be"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=federJVC7dYPdb2qLbTanHseB57lcxEh7GiKYqCC%2F1ut73dRr3J6nHOD8hSUGas%2BHCEoyTHJV4zZKV8fzQYGf30%2B9vIOgCZbhnn0vUYkZCprHv9QhM115aPxjAvftDc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
8275229beaa00e9f-MXP
view.js
controlc.com/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/view.js?x=1700194344
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956718e46d7ed67273205318bb008c5b6acdf6591ea49de517889cadc1f9b15f

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Mon, 23 Oct 2023 20:12:24 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6536d3a8-622"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BAiwzCCsxsHNFdIzIftielK4d8vNF3R5eKzokhKbW3gapbCubDMiHm5Lpo3uarWapgTBRRxEPU%2Fuve0hAmvBtb2kOE84JhIaYBxgn6AMgf4WAaQ8JirmAVaPBvurC8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
8275229c2d6bbab7-MXP
alt-svc
h3=":443"; ma=86400
cls.css
a.pub.network/controlc-com/ 		461 B
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/controlc-com/cls.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304632f6cdd1c554543203bcafb40a06c857b21a51069a888a2bbd67a109feed

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPoJcWqOx2NnPXyjPit2O__9R3FBflPImpxNEF-Rh35loV42Uore-IDJBWMCuuAwspGPU9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 15 Nov 2023 22:20:20 GMT
server
cloudflare
etag
W/"4b7e083c091eff0747141d8bfa9b9e21"
vary
Accept-Encoding
x-goog-hash
crc32c=PWe2RQ==, md5=S34IPAke/wdHFB2L+pueIQ==
x-goog-generation
1699034044349575
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
461
cf-ray
8275229d6a3723af-ZRH
expires
Fri, 17 Nov 2023 04:42:24 GMT
pubfig.min.js
a.pub.network/controlc-com/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/controlc-com/pubfig.min.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07671e8ba9c10d4c3d1f455dc391061fed58524c612b9edc7151269067f0e03

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
20710
x-guploader-uploadid
ABPtcPrBxs2AO3tgBg_nkoIIxoylhKAF1MpPiMLDiTw6mpwqEGpyjnl5ePEgt1SrllWvi8_Gzdc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 15 Nov 2023 22:20:20 GMT
server
cloudflare
etag
W/"2df88b4402b5ce492d968cf8f99c55ce"
vary
Accept-Encoding
x-goog-hash
crc32c=/nKa0A==, md5=LfiLRAK1zkktloz4+ZxVzg==
x-goog-generation
1700086820532785
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
123689
cf-ray
8275229d6a3823af-ZRH
link
<https://d.pub.network/v2/sites/controlc-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Fri, 17 Nov 2023 04:42:24 GMT
getpaid.png
controlc.com/public/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://controlc.com/public/images/getpaid.png
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"555139ee-196e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbVX9Vj%2BZwU%2FVX%2BU00pthYKLS42GjFVhjn8eOtvWiScn%2F2%2FAeeUu5hiuamj1LW5Zob4ZV5e1yZjopGNZXMm05kaGiZFTtFKGjQqHfHMbyAmj0UAjAd9SvHwYhSta9s4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8275229c3abb0e9f-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
6510
logo.png
controlc.com/public/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://controlc.com/public/images/logo.png
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1148
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
12078
Last-Modified
Thu, 19 Sep 2019 14:03:25 GMT
Server
cloudflare
ETag
"5d838aad-2f2e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXCVP9gAwOC35rUP8e%2Fv%2FPZ8j2mWPBN%2FIpKOMGSWz0%2BK0tYyKMylNh4dECOxMSziKSCzsor0wiLm8Vb51VLkI92nV1koWUGD5%2BhcBddMpTbnUtHYkZWwfbO7%2Fq8zqR4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
8275229cad95bab7-MXP
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a6e4f5791b28024452bd6f440e74709608dd12e4c5db86483cdf7580893df282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81001
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 04:12:25 GMT
configs
d.pub.network/v2/sites/controlc-com/ 		26 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/controlc-com/configs?env=PROD
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a4c41da879603c2cab554c16a0979686f277feb3a5bb3d4439f895d32be65180

Request headers

Referer
http://controlc.com/
Origin
http://controlc.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fullscreen.php
controlc.com/c867d83d/ Frame C127 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.38
Resource Hash
243f880b68d91b07742b30f0d9fe0846f407eed1d3567c77a0592a057ec91e8c

Request headers

Referer
http://controlc.com/c867d83d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
827522a0bc320e9f-MXP
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 04:12:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtUhp%2B8nHR%2Ff1eFsN6aA0QSjtg1cX9hsczxB3AYNHvycREq2yLlnO73tZXZ1ufIon8zuLT7pqCZM2sxz76Vjh9qcy%2F8aa9Tj0Dl77YsT1ZIabe7SrvnqscMU3W7mDhI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.38
alt-svc
h3=":443"; ma=86400
bg.png
controlc.com/public/images/ 		987 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://controlc.com/public/images/bg.png
Requested by
Host: controlc.com
URL: http://controlc.com/public/css/bootstrap.css
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/public/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1147
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
987
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
"555139ee-3db"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulLWcLnd9YV6Jx%2BtSS9%2FE7YYWqX6tlcoTz2MT8pg3CbaxQPTYwnWxFWHoPVD3CGo9iJ0InOxcHucdTVEyeJKVElmKpp9zgGNr1jPmOsrqdsWD6c4VQ0oDmuGB4aZWGQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
8275229ffeccbab7-MXP
glyphicons-halflings.png
controlc.com/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://controlc.com/img/glyphicons-halflings.png
Requested by
Host: controlc.com
URL: http://controlc.com/public/css/bootstrap.css
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/public/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:24 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"555139ee-3602"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFWNohn16kei5ID9z6ZCh%2BkLI2Jt4FNjn4CTGGoz0X%2FxMVEXrr9WCTQj4DJTP69%2Bl6TXF00xo9pt23bZDZEWkz9E%2BE4COtl7jB5qKg1jHYfbPzYbinoEj1yQAOgj7vU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8275229ffbef0e9f-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
13826
e1672454692c02f6bebfffccbd445f8adb9e83.index.js
flutteringfireman.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flutteringfireman.com/e1672454692c02f6bebfffccbd445f8adb9e83.index.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
810f6742860e4873f9bee456b76055c7a365d4059aa02b366789a2fc9454fb1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 17 Nov 2023 04:12:25 GMT
x-datacenter
gce-europe-west1
etag
"99f2cd5be6817629fb8bddb57f285dea75c3f5a0ed7192515f7064bcbd6a6a70"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-t7vj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
main.js
controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame B34A
Redirect Chain
  • http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9072104b9806e02fe6397cfc8e04a63b42382b29e95b28781e1408cf43942f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSg5DTjq7PZjRttdoHjCjIrihPmDJ%2BJsSg2V%2FRENe9jEHjwZcoLhPvEvNGKrC7wkPd0s0wMu1kBdY13gW%2FdMUrMHVRe1Cg3g%2BzhNPn6CFMwPec1S5ecOhgXYLENxroM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
827522a0ef1ebab7-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGQkfD3u9d1bvmEodIc1d4pkbFWH%2BKSWn58%2FXfU7SkGC320ZXa14Hdec0d1vIcGJG0Ed8lOKk4dMnN%2B5PpEeAGH2zjZzZxBk%2BEZA6GNn5jiReRK44LkVkWi%2BdrJdp0k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
827522a0bf0ebab7-MXP
alt-svc
h3=":443"; ma=86400
global.css
controlc.com/public/css/ Frame C127 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/global.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1
Cf-Polished
origSize=15109
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-3b05"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OamH1KPJ7U1tTIuuvq9zHRK2FrgZGR65Xt5cBC6qS0xUA%2B5B6AS5c6zWxAE%2F2pJBg%2BvyAfb4SITnBPRIq%2BNpMHvagXFpbkC%2FKyV1b%2FVenfq0wQipzujfZ%2BR0q5oiUwo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
827522a13c550e9f-MXP
prettify.css
controlc.com/public/js/prettify/ Frame C127 		631 B
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/prettify/prettify.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c513de1b36b18482e9302311d174cd6a9a0e0d8a2bfc23060f8344ae12872a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"555139ee-277"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFCRLm446h0sEHoNE1wyHNPYuzwJK93cYr7YLIDjt4B3dSNrDrTVkUEmV%2BS%2BxrG05H1KxylXOdzvag98xtZD9sH%2BmX3o5tyRAqoR96csdHTtShd0iBCuNMRM5yI7grc%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
827522a139ff4c4e-MXP
alt-svc
h3=":443"; ma=86400
fullscreen.css
controlc.com/public/css/ Frame C127 		312 B
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/css/fullscreen.css
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=426
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-1aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCPPyS4G1Wsw%2F3BK4ItfayRfUHhWhCpHMAQkN6wR4WZdAxqsNYeAUPOhmmtQr3HAgkqQzG8ZTuIA3Dwp7%2BTxI86W99nzV4Kb1HYKiKX7AwGiqjmx5H4FdTJmvdgdfLo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
827522a1395a4be5-MXP
jquery.js
controlc.com/public/js/ Frame C127 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/jquery.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1149
Cf-Polished
origSize=153534
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-257be"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQUUM8xIck%2BoCP%2FDEPjFzbJnp%2BXitXDcC9Owj%2F%2B3bXfpuxZDCR3HZksU89bngsyB3GbIYkvmy4D%2BULDvdF9h66LmFZ82U%2Bqb3DRXKRzRPEmYgyksrCjzNgI5rlC4wBk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
827522a14ad40e71-MXP
tinypaste.js
controlc.com/public/js/ Frame C127 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/tinypaste.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=3335
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
Server
cloudflare
ETag
W/"555139ee-d07"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpHSYhpcmsegtCgt1P6Y7EsRH4ijX8mKM7CLdpxY9I%2BDsZ79vm7x3Zf%2BkPTIDLUrtqmWU49Mt03itgFABMWChs4S3zxGSGx7%2F679nBAl7olicr0OIJcZYQKi18I9XmM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
827522a14b045242-MXP
prettify.js
controlc.com/public/js/prettify/ Frame C127 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/public/js/prettify/prettify.js?x=1700194345
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8097f7d71457717dc3475e64b6bfa7a666ff403ca4b0059df01ee94bd8538d5c

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/c867d83d/fullscreen.php?hash=ddaa47f259ae31360bae0bb92618361e&linenum=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 11 May 2015 23:23:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"555139ee-e155"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIzsJOKfI57O%2Fybv9MFxbkmOeaED%2BH7LsNQcv1lUruo8To3%2Fx2GuywQ3lArGW%2FVVh4SlJ2evBjqBOM6H3683qH%2F8AWZUh1fJydAXCenFeR4EOxAHHKkSKMbaF8m0GI0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
827522a14f3bbab7-MXP
alt-svc
h3=":443"; ma=86400
8275229a59fd0e9f
controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B34A 		0
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/8275229a59fd0e9f
Requested by
Host: controlc.com
URL: http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLd%2BkUfzFJFb0nvIKt5ChUFvt6nEZEANYJzz2hSHlbm%2BPb%2BqwHxBnuKi%2BIBV5SmMyUMx8ge3KjYO46LKf8T3oKNicbD7IBIm0eMhsLz%2FiQbqLpjz781KUgPyFKE95yg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
827522a36818bab7-MXP
alt-svc
h3=":443"; ma=86400
main.js
controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame D09E
Redirect Chain
  • http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ab4295426ae6c791f4c9c452e07a22dcebea21d40ced3b2ead61b018d5a2be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBN1K5V%2Bz3ujFG2qRAfPbHUj40epUZh9n18E3XhN0oWheKoQOVFZYVa4SsfXBb59BtbB%2BeYP%2BAG8FSiNuk35AJAoCCVJZuybI2yfSIpoUu4%2FNZAFcpxQ8GSqQe07JlE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
827522a48bf45242-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 17 Nov 2023 04:12:25 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXfL9bC%2FChjVdw9jIuqA3KVeZFpDVE%2B1ETXyp0LNSnsc%2F5q4NQValW5fXNvxgJxyJ1dCfNKvWo5lR1ClhsDOzWvMEFFE8gE4a1SKMNHt0HjrwuaFlsL93kxN5J0OnjM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
827522a3dbc75242-MXP
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3KD3DPS4TE&gtm=45je3b81v9125033100&_p=1700194344943&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=319769920.1700194346&ul=en-us&sr=1600x1200&_s=1&sid=1700194345&sct=1&seg=0&dl=http%3A%2F%2Fcontrolc.com%2Fc867d83d&dt=c867d83d%20-%20Finally%2C%20in%20a%20subcutaneous%20tumor%20design%2C...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KD3DPS4TE&cid=319769920.1700194346&gtm=45je3b81v9125033100&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KD3DPS4TE&cid=319769920.1700194346&gtm=45je3b81v9125033100&aip=1&dma=0&gcd=11l1l1l1l1&z=1189771147
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_202059
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5480824
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
lVzJknD03GsJxwHWePcP_pS3CDAL4u14JK8Naywis2uHUiGOLsMKwA==
827522a0bc320e9f
controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D09E 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/827522a0bc320e9f
Requested by
Host: controlc.com
URL: http://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Nov 2023 04:12:26 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAoTAW8WLS17zNhtMk%2FHi5caHs9MIZ7n%2F5%2F45O8ubuDKTExo9fQiDszm8TYhVUjdyZkQ8eMP8yeUdTRSKlSAWAt5csmBWe2muKjGxs2s87qiyHpluRmgT9L4K1%2Fu5vk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
827522a69cc25242-MXP
alt-svc
h3=":443"; ma=86400
pubfig.engine.js
a.pub.network/core/pubfig/5.19.15/ 		548 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebadfb0328064c5cee4e463f60f6b67ad4111578429bb00206d358826752596

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:26 GMT
content-encoding
gzip
cf-cache-status
HIT
age
21961
x-guploader-uploadid
ABPtcPr3z6icnLRcIEwyl3VMjvHFV0j-cL89hFtGziDe7_uFtBdxoM8O3emJ7vgTJKOcAXRa19M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 15 Nov 2023 20:20:05 GMT
server
cloudflare
etag
W/"c83575c9bb19202c6fd0b61ba45c60a3"
vary
Accept-Encoding
x-goog-generation
1700079605019407
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=J8SUlA==, md5=yDV1ybsZICxv0LYbpFxgow==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
560817
cf-ray
827522a77dee23af-ZRH
expires
Fri, 17 Nov 2023 05:12:26 GMT
4596af2d721b41e9168bd619fa42d39fd2eaed966e26c0fc71b195
flutteringfireman.com/confirm/ 		303 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flutteringfireman.com/confirm/4596af2d721b41e9168bd619fa42d39fd2eaed966e26c0fc71b195
Requested by
Host: flutteringfireman.com
URL: https://flutteringfireman.com/e1672454692c02f6bebfffccbd445f8adb9e83.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
fcbe6729bef5735fd812e033480df7d503688d31b9e8c8bb431335321845a26c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 17 Nov 2023 04:12:26 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
x-hostname
fen-hoothoot-europe-west1-spot-t7vj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 17 Nov 2023 04:12:25 GMT
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=controlc.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
http://controlc.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 17 Nov 2023 04:12:26 GMT
expires
0
fs-client-rtt
7
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=controlc.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
98594e460ff17af1539c7e4ae40379981a3d6f0aef84b8490c5273f29715a7dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:26 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
fs-client-rtt
9
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
http://controlc.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
/
a.pub.network/videojs-site-params/ 		2 B
196 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/videojs-site-params/?path=controlc-com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:26 GMT
server
cloudflare
vary
Accept-Encoding
access-control-max-age
300
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
access-control-allow-credentials
false
cf-ray
827522ab08ed23f7-ZRH
content-length
2
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
cbc2bddaf09245f604abf9758875bcaa5f12d9dba9dfd54c7b753717028e5b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31595
x-xss-protection
0
server
cafe
etag
881 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:26 GMT
prebid-analytics-7.48.4.js
a.pub.network/core/ 		596 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:26 GMT
content-encoding
gzip
cf-cache-status
HIT
age
21961
x-guploader-uploadid
ABPtcPrZVB-A80mLbf2DpBZhMZAZ3wzp92nDXcfi8SS9sytFn7NWbBGVfdYNXNqMymuQ4yePKCtuzqcLQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31514039
x-goog-stored-content-length
610321
cf-ray
827522a96ffd23af-ZRH
expires
Fri, 15 Nov 2024 22:06:25 GMT
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9917a1ddf6291257fff25cf5b97c66470551f5a8df5ca2d9e0af24a7a847d35b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 01:25:34 GMT
server
cloudflare
x-amz-request-id
5F6VQP5ERDRV9E83
age
579
etag
W/"bbdd497cee6cc5cc0e7d4e2ba9c74eca"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
827522ad89f224c4-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YsO80S1yDaDH5wb02G3uRkwBc/aazVqNpbheBjf8fwLnZNquVd62a995iyZusxtfXb77ZsoNYJhADD1AGuNtclFgvc8ejWBmxQsTpUp3/SE=
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
344 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c4ead44add22da6a363b4231834b6bcac7f960249791f00e98b8bc6dd16115

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 03:36:36 GMT
server
cloudflare
age
1933
etag
"e81d3cbca408fc08a3b15818c3f4b6e9"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
827522b329f7ba9f-MXP
content-length
96034

Redirect headers

date
Fri, 17 Nov 2023 04:12:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHyDaEwYLuE9yfixpN3Lhusf%2FAQV3SccZRAyWWbZGoseI2lv%2F7bypP6xV68iTMEAYFgV0WDiowyC%2FsSFJ9aQN%2FlVKo7cuab9mYNTsqniy9uKANr0tt2Jxm3odorO0DSJ8huyrU8amfOsor9cbtfCcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
827522ae98b1375f-MXP
expires
Fri, 17 Nov 2023 05:12:27 GMT
549e9dddee91f9e5f084325879ac224083177b5196
flutteringfireman.com/2a6fcf236b1c/ 		3 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flutteringfireman.com/2a6fcf236b1c/549e9dddee91f9e5f084325879ac224083177b5196
Requested by
Host: flutteringfireman.com
URL: https://flutteringfireman.com/e1672454692c02f6bebfffccbd445f8adb9e83.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 17 Nov 2023 04:12:26 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
x-hostname
fen-hoothoot-europe-west1-spot-t7vj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 17 Nov 2023 04:12:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
17133
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:26:54 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:27 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
4XMNTSZAG9E2R3TH
Age
794239
x-amz-server-side-encryption
AES256
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
98302
x-amz-id-2
TEGhAeVFm+ZHguANn4+I2x3lpTZzPlS9vzBApsoSlPvoZaLratEgzJT2SH6YesicuwB97LDGExs=
Last-Modified
Mon, 23 Oct 2023 16:04:16 GMT
Server
cloudflare
ETag
"866ce4ef9ef41c261f6060e4f642bb88"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
827522b07b2524c0-ZRH
analytics.min.js
a.pub.network/core/analytics/1.2.5/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
21962
x-guploader-uploadid
ABPtcPqQOF9w86evfunmWW2-t7q5PfTptCX8dQXcHV1b8d_-3T9gdCuOAQFkO1GtsYm6k16IEH4u0abnsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 04 Oct 2023 16:03:51 GMT
server
cloudflare
etag
W/"defe674f4bb712938099078798b0a1bc"
vary
Accept-Encoding
x-goog-hash
crc32c=JGNbPw==, md5=3v5nT0u3EpOAmQeHmLChvA==
x-goog-generation
1696435431727744
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13192
cf-ray
827522af5fbd23af-ZRH
expires
Fri, 17 Nov 2023 05:12:27 GMT
355e6c242b3e76c9e642b16527bd840edb645e3102552a8c8b22d5
flutteringfireman.com/ 		2 B
324 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://flutteringfireman.com/355e6c242b3e76c9e642b16527bd840edb645e3102552a8c8b22d5
Requested by
Host: flutteringfireman.com
URL: https://flutteringfireman.com/e1672454692c02f6bebfffccbd445f8adb9e83.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 17 Nov 2023 04:12:27 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
x-hostname
fen-hoothoot-europe-west1-spot-t7vj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 17 Nov 2023 04:12:26 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcontrolc.com%2F&domain=controlc.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Nov 2023 04:12:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
180438
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
2987
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
827522b5fe280e5b-MXP
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcontrolc.com%2F&domain=controlc.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
189026
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3395777c1ebe5c24771e66c989bdefd74e1f31faf7cf728479d8868bb0a4fa13

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
827522b608ce374c-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/ 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
975774f69c7197b570de3beb1273f1dba1c9e4a3bf78fd11fc053f19c099dfb8

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 17 Dec 2023 04:12:28 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 24 Nov 2023 04:12:28 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
354
x-guploader-uploadid
ABPtcPrwF86BzaxxGG0LTZIpHgxJJjAC2gtssa1k9tYDA6OUCUZT7GBknQiEikSVDsybseuNSSb5oA7gEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
827522b34c3a23af-ZRH
expires
Fri, 17 Nov 2023 05:12:28 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1019442553089783&correlator=1026744133373088&eid=31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=15184186%3A23008567153%2Ccontrolc_google_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=4061838640&sfv=1-0-40&ists=1&fas=8&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1700194348056&lmt=1700194348&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=319769920.1700194346&ga_sid=1700194348&ga_hid=1187920336&ga_fc=true&dlt=1700194344148&idt=3733&prev_scp=fs_ad_product%3DgoogleInterstitial&cust_params=fs_session_id%3Dfae6f920-17df-4529-a96f-47b11f4e9d75%26fs_pageview_id%3D8a60857bd750e95c2a634f4847f3e706%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D9%26fs_clientservermask%3D220232213233023001122%26fs_testgroup%3Doptimised&adks=943798360&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
d7d4812cfe8a4ec82b78c748b83162b1318aa33aba32c59186c93c69d3e744af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20881
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://controlc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
399419e7de854b4b859640e77106a9d5b944a23d9554b2ac33cd5a2dd4495f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12459
x-xss-protection
0
container.html
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 742A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:28 GMT
expires
Sat, 16 Nov 2024 04:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17730
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:16:58 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
Content-Type; text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
content-length
55794
cf-ray
827522b79aeebafd-MXP
cookie_sync
s2s.t13.io/ 		2 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bd00ba9e7f476f6c886775aae38aaecf71529b2022e13ff95a613f6f35a94539

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
680
expires
0
auction
s2s.t13.io/openrtb2/ 		1 KB
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
fbeb331f108ca678698f5026cd71a47442460dbb8db88d8150fbb87a2f90a5a7

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/2.0.0
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
397
expires
0
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e5632e1dc48b408038e0ca71ecbcb3b731b2926680e5956e550789eec702663a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
an-x-request-uuid
36261f5d-a00b-4633-8d9a-23093c3caaa5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.63.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-63-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cdc3d463fbf8dc91b46728d74a9c89f764c826417efa236c81162a6a626d119f

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 04:12:28 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
fastlane.json
fastlane.rubiconproject.com/a/api/ 		582 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!freestar.com,1715,1,,,&eid_pubcid.org=2e3e332e-598d-4e18-95c5-15be8f3e5fd2%5E1&rf=http%3A%2F%2Fcontrolc.com%2Fc867d83d&tg_v.id=2c98d381-afe1-483c-84d7-18c8119d76f0&tg_i.domain=controlc.com&tg_i.page=http%3A%2F%2Fcontrolc.com%2Fc867d83d&tg_i.name=controlc-com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6234&tg_i.fs_ad_product=stickyFooterVideo&tg_i.pbadslot=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&tk_flint=pbjs_lite_v7.48.0&x_source.tid=528f7f05-8733-4052-8db7-4ac5a99aab4b&l_pb_bid_id=17daed43914322e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=528f7f05-8733-4052-8db7-4ac5a99aab4b&rp_maxbids=1&p_gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&slots=1&rand=0.7497926275799098
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.43 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e160fa1936f54e597621a2427041b2bc8356aa88075c4f71cfe41f246725d576

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
582
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
bfd36292cf5f81718793308519a9aa371a7ca39ebf85b3b4e67d0818540ed212

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ads.yieldmo.com/exchange/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22controlc_sticky_footer%22%2C%22callback_id%22%3A%222886a46c2dba85e%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer%22%2C%22tid%22%3A%22528f7f05-8733-4052-8db7-4ac5a99aab4b%22%2C%22auctionId%22%3A%220cd7b0c0-470b-4cdf-b6fd-82935c6e0daa%22%7D%5D&page_url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&bust=1700194348247&dnt=false&description=Finally%2C%20in%20a%20subcutaneous%20tumor%20design%2C%20we%20all%20demonstrated%20that%20merging%20osimertinib%20with%20-%20c867d83d&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=c867d83d%20-%20Finally%2C%20in%20a%20subcutaneous%20tumor%20design%2C...&w=1600&h=1200&pubcid=2e3e332e-598d-4e18-95c5-15be8f3e5fd2&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221715%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222e3e332e-598d-4e18-95c5-15be8f3e5fd2%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://controlc.com
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
auction
s2s.t13.io/openrtb2/ 		1 KB
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
296bd0aa075d532826ad19555af1bff1529840d45286c0d86a712d60f63b561c

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/2.0.0
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
expires
0
hbjson
grid.bidswitch.net/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.63.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-63-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
87ceee16f56ee42590a207bb578a1ffc1627893d3be9b6a207c4bf317c0604f6

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 04:12:28 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
10841
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
66e0544bf9c0551518f0a48b84efbed0711b5c79ee8bc9bac79d017e99d1175f

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
13417d43b84c9e97dc817502f8ceceef787536d2a6d7c6bec093649dfae401dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
content-encoding
gzip
an-x-request-uuid
1a3776ab-9ac6-48ae-be85-395cd34dafb0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22controlc_billboard_atf%22%2C%22callback_id%22%3A%2254e3968e767ae19%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C250%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf%22%2C%22tid%22%3A%229c9c91f7-6b3d-46e1-b721-b3abd75e7d43%22%2C%22auctionId%22%3A%229c979c73-9d25-4cd0-8bc2-4312618d4eea%22%7D%5D&page_url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&bust=1700194348307&dnt=false&description=Finally%2C%20in%20a%20subcutaneous%20tumor%20design%2C%20we%20all%20demonstrated%20that%20merging%20osimertinib%20with%20-%20c867d83d&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=c867d83d%20-%20Finally%2C%20in%20a%20subcutaneous%20tumor%20design%2C...&w=1600&h=1200&pubcid=2e3e332e-598d-4e18-95c5-15be8f3e5fd2&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221715%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222e3e332e-598d-4e18-95c5-15be8f3e5fd2%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://controlc.com
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ 		558 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=2%2C55%2C57&rp_schain=1.0,1!freestar.com,1715,1,,,&eid_pubcid.org=2e3e332e-598d-4e18-95c5-15be8f3e5fd2%5E1&rf=http%3A%2F%2Fcontrolc.com%2Fc867d83d&tg_v.id=2c98d381-afe1-483c-84d7-18c8119d76f0&tg_i.domain=controlc.com&tg_i.page=http%3A%2F%2Fcontrolc.com%2Fc867d83d&tg_i.name=controlc-com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6234&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&tk_flint=pbjs_lite_v7.48.0&x_source.tid=9c9c91f7-6b3d-46e1-b721-b3abd75e7d43&l_pb_bid_id=567db098096336b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9c9c91f7-6b3d-46e1-b721-b3abd75e7d43&rp_maxbids=1&p_gpid=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&slots=1&rand=0.6431633548363642
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.43 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb626f0574c64d061fbdeed5ffe8650eccae8217f79739eeff73b655be2dca7e

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://controlc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
558
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:28 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 04:12:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1475845
x-guploader-uploadid
ABPtcPoXqW1da3El7zUCeTI-TuYNfhqR9M1VlZFZEeOsm5IgyEv1kRRCz5Lhs4rmmNoKMAtZLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhKpBFC%2BjGRAGHlnKOgtiJmeHLtQ6qM%2Fzsy3yP9XMV1Uxj0Y33XmGTIr%2BG%2FAmT8Cw7VV20g0jVIeAM7wJqfb7HfKIvmMn33RpMUdlfQYxQJ27zwPUOXxSV2MgFDjm5iKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
827522b9e99b0d57-MXP
expires
Tue, 31 Oct 2023 02:32:10 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 19:27:28 GMT
px.gif
ad-delivery.net/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3143498886170315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1475845
x-guploader-uploadid
ABPtcPoXqW1da3El7zUCeTI-TuYNfhqR9M1VlZFZEeOsm5IgyEv1kRRCz5Lhs4rmmNoKMAtZLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvQ1AJbhcQSNHHP7a2q429AU18zGafgqlmXMSKXA0lhcUqwfPIppdx2DdDiuhPqSh6zK6IkyYd8xWoLZd%2BnV8LGLkXNAg%2BD%2F%2FP81M5tMmkUHyjaGww%2BiJaj%2FJCmaCitbyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
827522b9e99c0d57-MXP
expires
Tue, 31 Oct 2023 02:32:10 GMT
/
ce.lijit.com/beacon/prebid-server/ Frame 8C29
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0fe0ad94fcc522dbb657256c29f0f42848e862674f0712de12d30925bf2783d0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
715
Content-Type
text/html
Date
Fri, 17 Nov 2023 04:12:29 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Fri, 17 Nov 2023 04:12:29 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
container.html
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:28 GMT
expires
Sat, 16 Nov 2024 04:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:12:29 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1019442553089783&correlator=2558654351412074&eid=31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=15184186%3A23008567153%2Ccontrolc_billboard_atf&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C300x250%7C728x250%7C970x250&ifi=2&didk=3841140156&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D3d7f079ab8461a1c%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY7e6i_1q3Q0n4zqHpE38dwdY6YfA&gpic=UID%3D00000cca31fc2481%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY9RpGEqFoCAxkTQahomNunoE98Nw&abxe=1&dt=1700194349101&lmt=1700194349&adxs=436&adys=236&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&vis=1&psz=1520x-1&msz=1520x-1&fws=0&ohw=0&ga_vid=319769920.1700194346&ga_sid=1700194348&ga_hid=1187920336&ga_fc=true&dlt=1700194344148&idt=3733&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D1ba994a8-44d1-42c4-888f-8756ebefe618%26floors_id%3Dlearning%26floors_hour%3D4%26fs_placementName%3Dcontrolc_billboard_atf%26fs_ad_product%3Dbanner%26fspbg%3Dfreestar%26hb_auction_id%3D9c979c73-9d25-4cd0-8bc2-4312618d4eea%26freestar_path%3D%252Fc867d83d%26freestar_domain%3Dcontrolc.com%26custom_bidder_size%3Dgrid_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.14%26hb_adid%3D623bc553af7465c%26hb_bidder%3Dgrid&cust_params=fs_session_id%3Dfae6f920-17df-4529-a96f-47b11f4e9d75%26fs_pageview_id%3D8a60857bd750e95c2a634f4847f3e706%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D9%26fs_clientservermask%3D220232213233023001122%26fs_testgroup%3Doptimised&adks=2225142635&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e2262d6284a73b0b1904b84ae3f22fa9f21981799330b7508502eddc388712f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12595
x-xss-protection
0
google-lineitem-id
5448808997
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319839852
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://controlc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1019442553089783&correlator=2558654351412074&eid=31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=15184186%3A23008567153%2Ccontrolc_sticky_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=3&didk=1024367576&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D3d7f079ab8461a1c%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY7e6i_1q3Q0n4zqHpE38dwdY6YfA&gpic=UID%3D00000cca31fc2481%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY9RpGEqFoCAxkTQahomNunoE98Nw&abxe=1&dt=1700194349188&lmt=1700194349&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=319769920.1700194346&ga_sid=1700194348&ga_hid=1187920336&ga_fc=true&dlt=1700194344148&idt=3733&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dd93a2d53-2178-49b2-a25d-24a4e7857ef0%26floors_id%3D640f6c%26floors_hour%3D4%26fs_placementName%3Dcontrolc_sticky_footer%26fs_ad_product%3DstickyFooterVideo%26fsbid%3Dtimeout&cust_params=fs_session_id%3Dfae6f920-17df-4529-a96f-47b11f4e9d75%26fs_pageview_id%3D8a60857bd750e95c2a634f4847f3e706%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D9%26fs_clientservermask%3D220232213233023001122%26fs_testgroup%3Doptimised&adks=78061733&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
fa72b4d4e12d4d99c69067b5228ed6f6cacd4c9ba12255d8b08feb264c487108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12542
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://controlc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=controlc.com&url=http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
827522bad9d9374c-MXP
content-length
0
content-type
application/json
date
Fri, 17 Nov 2023 04:12:29 GMT
debug
OPTIONS block
expires
Sat, 16 Nov 2024 04:12:29 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		106 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=controlc.com&url=http://controlc.com/c867d83d
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa649acfcab7a46033aeccb5ca71fa43b3b458ad5c33c6b7819bca854220c51

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
827522bbaa0c374c-MXP
css2
fonts.googleapis.com/ Frame 91D3 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 03:25:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:12:29 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame 0273 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 17 Nov 2023 08:12:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0273 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
50956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0273 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0273 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0273 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:29 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 91D3 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
776
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:59:33 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Protocol
H2
Server
18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:24:32 GMT
content-encoding
gzip
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2885
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
clYUd4XulWsBs7OzGX6gmdkP-azDAhVpN7nx7d5K_jy5Q5xnqQWR7A==

Redirect headers

Date
Fri, 17 Nov 2023 04:12:29 GMT
Via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
cZTEFIuQPB6SLA6_9wAqTzhsM4IKnvYP1HnvFRr1bS8digbRzz-pXA==
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=nTQHy694&w=6208846342651904&o=5714937848528896&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=http%3A%2F%2Fcontrolc.com%2Fc867d83d&sid=BAONplI7oZ&pm=true&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 04:12:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame 0273 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 08:12:29 GMT
date
Fri, 17 Nov 2023 04:12:29 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 0273 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 17 Dec 2023 04:12:29 GMT
date
Fri, 17 Nov 2023 04:12:29 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/NLTMS4XBWBNPEYOAMXG23JHNRUL6CSSOZ5DKO3UIVKRSCTAACPVBFS7ASR6R5XMV3CBQI3R4Q6IXVFR4QFIFQGSEDDRULDIDE2OSBCNGZC3SKX5WXIOFLW467J6ANS4LUKCETYCUFKMFKBAIX56NNXVTSZ6HOV... Frame 0273 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/NLTMS4XBWBNPEYOAMXG23JHNRUL6CSSOZ5DKO3UIVKRSCTAACPVBFS7ASR6R5XMV3CBQI3R4Q6IXVFR4QFIFQGSEDDRULDIDE2OSBCNGZC3SKX5WXIOFLW467J6ANS4LUKCETYCUFKMFKBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NLBY2HE725AVQK7RDHTFPBY7FXG7MM3YVWNOMZYKYYAEX7BFGLSTJ6QZG37HQY45QWA4WDHU2GYBQPUCWI2B7HT7X5VS54K2R3CL5TGQAP7FGOL32V3UMNVK7RFMP2SCLEFA2R5WBLH4ANWRJXJJD7AOLNY6GN3PDW7IHCJ5UB5BKW55XIKRQ/?
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:29 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
474
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec0abde4c303d54a2c9bb8ca14ace3138a8d6346ba11ceb09da425ddf673946

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 17 Nov 2023 04:06:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
827522bfb81fbae2-MXP
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
52175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 13:42:54 GMT
expires
Fri, 15 Nov 2024 13:42:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4F0C 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
121307a83e1baa63996c3b15c72c6960b2f35ddefebf6c4043788a2c4f670743
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MpbCSI-GUMrQlofD3L75Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MpbCSI-GUMrQlofD3L75Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Fri, 17 Nov 2023 04:12:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000EEA
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000EEA
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 04:12:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 04:12:30 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 89B5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
65710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
setuid
s2s.t13.io/ Frame 8C29 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=Hq18uTZH7hLogYVXROyUCxgB&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:29 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LP23TFKZ-1F-2JRM&gdpr=0
43 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
sync
t.adx.opera.com/pub/ Frame 8C29 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT, Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 8C29
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4G16CCM7MA5RD0KEMENM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CAq8oVsHu_MTXO3xBwmkoAgI66MTDO-mDgmQSgXb
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CAq8oVsHu_MTXO3xBwmkoAgI66MTDO-mDgmQSgXb
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CAq8oVsHu_MTXO3xBwmkoAgI66MTDO-mDgmQSgXb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C29
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHExOHVUWkg3aExvZ1lWWFJPeVVDeGdC&gdpr=0
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHExOHVUWkg3aExvZ1lWWFJPeVVDeGdC&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 17 Nov 2023 04:12:29 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHExOHVUWkg3aExvZ1lWWFJPeVVDeGdC&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=031db250-f8fe-4eaf-828e-073140af5da2
0
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=031db250-f8fe-4eaf-828e-073140af5da2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=031db250-f8fe-4eaf-828e-073140af5da2
Date
Fri, 17 Nov 2023 04:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
merge
ce.lijit.com/ Frame 8C29
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=wRap5GlMEgyp&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=wRap5GlMEgyp&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ce.lijit.com/merge?pid=49&3pid=wRap5GlMEgyp&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-8s4wd
expires
-1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A29 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=104866
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Sat, 18 Nov 2023 09:20:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
view.php
controlc.com/api/tinypaste/ 		15 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://controlc.com/api/tinypaste/view.php
Requested by
Host: controlc.com
URL: http://controlc.com/public/js/jquery.js
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.38
Resource Hash
cfa02cf94e6d7b28d9344315fe1392783fe7df4ae4dbb0ca573b5c1f8b69ebc0

Request headers

Accept
*/*
Referer
http://controlc.com/c867d83d
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 17 Nov 2023 04:12:30 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy7u60eprKkYlZ05uQjrOKRjwiTOCEciKLtonVZnHDehUuNnJ2GFPhmdvwpjZIFiPH9AWllMbtbgKIyE5iol5Oxjy9XvRL6luNflqNNhfsmUj%2Bc%2FfErnvJ48fMVww2U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
827522c09be25242-MXP
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame F78D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh9LUoAwbdqCqI5RBZVta6B6MsgtECfO7fD6lovJD0ttbuIANkAo-m3y-mBA1WeLbulgosXKFhksmuaiAfoosu9GLEVzX7pegzqKNppbxys4w8EW6Mx6SOAn4OlT4oqa1bINQI5XRIe3Mef-onVWhnxstHFDFDlTBzxMhtu2VaVoI_YlQFS9bwfpDsFFd48F4oMp9BxdAVYyT3XJztcIPgiFJlHoKL_AtDzcFRywsiITYuQZrj4PcyFya-OoMzcrLnyv9Dth4kOaNkkOR4aM93kFDK_e-vdROK0HjxHygueOpMEM4N6vWa-pcjxEwAZu5TCP0lroAUl80mqCQR7NXT7nvmtm99WII2ecBJ_Jjq5rHYxw&sai=AMfl-YSscwKxC2VTlIfJ8xkmFENOCsJgt30Ws7AxTTz8yo8rgZRrZq3tsPlgjZ5OPb3IaW0ZOHgemBDcvLKkBLYpxz3vB1nJ5fYnUpYgpKWxa_zGTD0YLG1DSo3QkiGqGA&sig=Cg0ArKJSzKBwGNeFjGiwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame F78D 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
21964
x-guploader-uploadid
ABPtcPqMqdUDlQ-VqJWlErKPWeAsaiaBCorLI8jJft65M6-SxNxB975z2bPWDP1q8TWqqIB9C77WbdBJ8l5jhKCg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
cf-ray
827522c0cc9c23af-ZRH
expires
Sat, 18 Nov 2023 04:12:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F78D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:30 GMT
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
356
x-guploader-uploadid
ABPtcPrwF86BzaxxGG0LTZIpHgxJJjAC2gtssa1k9tYDA6OUCUZT7GBknQiEikSVDsybseuNSSb5oA7gEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
827522c0dcb823af-ZRH
expires
Fri, 17 Nov 2023 05:12:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3A29 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25307959&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
abac43600ec218d8281b6c268da1f2e16b9276213b8cfce0780647ecced00605

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
container.html
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D6C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:28 GMT
expires
Sat, 16 Nov 2024 04:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
f469a9b49fdb41ab7ee8e91664480df04ad47c98e3364760647d7b080622bd3c

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1482
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 17 Nov 2023 04:12:30 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
googleads.g.doubleclick.net/xbbe/ Frame BE18 		281 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUInmTJZimVZisUCgFJlYhhdsf5zmWPDHdEyu1_hpkfwHUhcHoC39Ck7XbO_Pb5lRpJ1xPFRPWLixpOngel6aXjb1zZeAbPHcNVNMQmINpsvGNHiLY
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F78D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F78D 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJuR93nSFq7FHW9D4Orbk0YJsHtJC-DAAq4zXswBy5MRWHMJ5DWAE2SWa4OsBzlZTZWDp4OWfSUNwBCg_LMevZeQ8hG8HAm6m_9EdxWp_BoWjxQCs
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F78D 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3261320598423061480&x=38&ct=76
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame F78D
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36&google_hm=NjE4YTllYjMtNWJhOC00NjkxLThjNTAtNTVkZDQyZjk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC5gCgkWzI0wpBqtp6EPdgM&google_cver=1&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC5gCgkWzI0wpBqtp6EPdgM&google_cver=1&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC5gCgkWzI0wpBqtp6EPdgM&google_cver=1&ssp=themediagrid&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCB3DALOhWZbyaMYLSzQaD____5CQCbvHnb1z____Kj4gfYRkS8QASCD____eYf...
media.grid.bidswitch.net/imp/LKf1cbIIyIjWw3Wwj2JvmQCxZtyv9uHJCKJC7jC8SOwNX7F3NRuWQEzF8qbprwW_rn5_rubWnOJo5O2x4RxazB-5oNJOFPataLwwY-aLquAfh85TXd1lMrAMOhNbD4Nt7Nxd_xlPzakVbvkQDvIvqItlztSesuyWEClf4dz3... Frame F78D 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/LKf1cbIIyIjWw3Wwj2JvmQCxZtyv9uHJCKJC7jC8SOwNX7F3NRuWQEzF8qbprwW_rn5_rubWnOJo5O2x4RxazB-5oNJOFPataLwwY-aLquAfh85TXd1lMrAMOhNbD4Nt7Nxd_xlPzakVbvkQDvIvqItlztSesuyWEClf4dz33Z-minY7epjS4q0jNuZyWLNJBQ_lS6M1ytETeRoL4c74RyhzupUwky8zsLmI6a9z2uDzbSiiaQkGGKuAkOiZUdds9L-zFV713BCkvG0uOlry1F12QA3l5FTccxbpe25HgL3Fi8jcgZe8UC9egjFsDw-Flq6sBCg-foq5Q25QP0HeafKpz3-mr5kZJSHZLFahF4G5-yoB48eVe0kDi61xnw/billingbTpC8KnKEHnmhHWzpYRf2HrHQKRykGiQA_sSboIx6YlxAIyR0w/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCB3DALOhWZbyaMYLSzQaD____5CQCbvHnb1z____Kj4gfYRkS8QASCD____eYfYPWFgIDgBKABgqmxiQPIAQmpAh____RlqA54rI-qAMByAObBKoE____gFP0K7zHc1FeOWEAUxyYefUlbuZNVktIQ____aN0oMOa09DU9sUl3yJyauqT9tC5J5HA6CzLEZdBCcyvtNdupyQEvcgSf3ATuAIybORy3CHR-qGTZL27PBzwmgmxVpJ7UuPOgFXxspdMjLr1kUVH8XUXPxaz7rx09CpolEDGcdR8nXrQbO____zFc4e4o5zI42oHEryKs4Dsftqba4XP9adqmy3ETjHsEi9BvSEXOX5XOt1j2orqZezbkFnjaG5fLrh8S3R4KZfH0wTQ1tCzZ5YwJQikU5e7u7AOLy9ngB8RMkM28T1w-Lg6x1l92l2-M33u1rx____odhjKwdkpi0ks1UefXsAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB9XJG6gHpr4b2AcA8gcKEKXrCRjzurj5AdIIFAiAYRABGF8yAooCOgKAQEi9____cE68ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9lYmQzN2WACgTICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBAKChCggr____ihd____I6GQSAgEDsBPIxKwVyBOUm-7jA9gTCogUBNgUAdAVAYAXAbIXCAoGCAASABgA6BcB__Jsigh__RDSPSGXkfIJ8__Juach____m__R__EUACH__F__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaN5QZT62Qe17x____vNBP053oJuCct3Vag____NjD-GJNiKDSTvCe1HLRW-SvyYV7kuZGAE_Bpz4qgJ8XuSXVLIBtWElZcsR57Zpr9suBO5q78I8h0RZRO787MVxS8zd01Fo9IVU0__cspJCG3C-5yBgl7GpL3__gK8niE286AhQ6h7WvsFmCEpLDeJAa1orKpveEUGZYP0cf4cTaVAZfeEm1LFLvoaBfTCnFdVfa0EyTjs8fS3tOD7wVJS2uMV48iZm-5LIPkHmetZF8YqcCR54ZU9PFPKLNRBAZP__8jOW0PMGgQWQ3a8aH1K8KFT7RLMdtPtvuZn6t7ixnVUoQEdn6QB0prTeX9i21v8i0PCNopj8cXBEYMvS4mzc__om1drzavJjWFE9w5amkqxuqi5nxNC24f4uKl64lJ__n6UcBCx16m8XKrfziqzNtR3w8D5MAQUH9gyw4USAsiZ2Zx5vGaXgHD9J16fHaRFDuMSWKn94-4fn6GNmWNT92Byk41zkxQcfDybbeY3LrDVnU1LgBig7Ytqt6pUGM5uXxFGBAzBt-M3zKWegNKqhxjBu__gauNnzo8OVH9SpJRFJOO__bx3EZOTlttgBvaZbsaw2LPXxRZ2DOB6-sVOd8st8F8CIflvR96gNyQVnowQ80Is2JCz9MxW--zFczmiC6nhBIiqWJBAPcWy57RmJXNzpFyn0EiqFc4BiLkd1TgBrkwFND0KWxU2bdNwDNHGEXzWJDwet2rMuUFMGneVOR85pED3bHxp-wL__1dD9SbccWNWMisIVhC-jXIK7JnYhGfqB1rTIi2slMmcROcTlViVacG4uZBnYFdI75NmwS-fDvsLtFXZfmue3UnVIZiZdEk4i5KLUSxkLR7wy7dAIH3NZz7PaLrbdD-wLJRXNUjvsn3IEV7nZVnOrjSdw2CF-L8OdewFCwoH-QD9aGRyf4KQVkNkge7ej65dficRKGp1xrEhmPj5t7Rc822b6UsNSOpZz0XFbaU230MKvELbToVNhpD9UdW6zmhFGGgrX2ngYrcNnEAArsywXbPIZ8Ni5ZKmaNUydadj1MQ8FDRraZTfTBLRhxT0GDrf9haxi64QgD5rFSnb3AyFRVC1WrhhV1__PnDqJ1K7NLEykDcZI0re7NC4Jg1WmOM7hpXDMvK0lCIZae4bKcpeBMK7JBPmwa5TF2o2UlkV1e-pK6zIr5xIXnIgM5Lw6hu7i9M33Pqqu-FL1QgpifIwZEExsjvIug_B
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
43
Content-Type
image/gif
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame F78D 		0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=controlc.com&bid_id=e93eb3ef-d4e7-41ce-adcb-20a4553101e9&ads_txt_id=6VZ9I7&has_bsw_id=0&bid_price_usd=0.146601
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
178.250.1.39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
pixel
protected-by.clarium.io/ Frame F78D 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL2dyaWQ6MzAweDI1MA==&v=5&s=v31hfdnlt89&id=eyJwcmViaWQiOnsiYWRJZCI6IjYyM2JjNTUzYWY3NDY1YyIsImNwbSI6MC4xNDUxMzQ5OSwicyI6ImNvbnRyb2xjX2JpbGxib2FyZF9hdGYiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmdyaWQ7MzY3NTI4IiwiYWRvbWFpbiI6InZpc2FuYS5jaCJ9&cb=7214258&h=controlc.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwyZHlhV1E2TXpBd2VESTFNQT09Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiZ3JpZCJdLCJoYl9zaXplIjpbIjMwMHgyNTAiXX19LCJ3ciI6MH0=
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1019442553089783&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame FE36 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUTPYN3xKEJ8UXokgTn-vAyFUichf5umopHA4tnMJgEUDVVp4kS-VwPHmyiCJw7pUmP0uZbldQGJ4HfNboz5SRoKirgtQ
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0D6C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CC9_Yu3IrtN8Y0z7PFRq9nhcNDibcOga0km9huILVjW425QEf4UrK1t0VlTyTnsbKlPYJ5dXYl_0IF3Qcyh5tOGvHZtumUR_PoUIJWVJBeoi-COBg
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10064233596252742608&x=1&ct=77
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0D6C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
50957
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0D6C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 0D6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRJA9UW4mWy3dvI_h6YSMDRQausoC_Cg_K9xQXiCWoICLE1RyyCynz2F5kPVGyZEUrL5JDAx0Oa0pA3iKSJxakOZKJVQ
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0D6C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:12:30 GMT
pixel;r=1104202062;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fcontrolc.com%2Fc867d83d;uht=2;fpan=1;fpa=P0-1578183487-1700194349311;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=con...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1104202062;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fcontrolc.com%2Fc867d83d;uht=2;fpan=1;fpa=P0-1578183487-1700194349311;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=controlc.com;dst=1;et=1700194350461;tzo=-60;ogl=type.website%2Cimage.https%3A%2F%2Fcontrolc%252Ecom%2Fopengraph%252Epng;ses=60fafaa6-5aff-4ed6-b9a9-472b70c9a13b;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
355e6c242b3e76c9e642b16527bd840edb645e3102552a8c8b22d5
flutteringfireman.com/ 		2 B
95 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://flutteringfireman.com/355e6c242b3e76c9e642b16527bd840edb645e3102552a8c8b22d5
Requested by
Host: flutteringfireman.com
URL: https://flutteringfireman.com/e1672454692c02f6bebfffccbd445f8adb9e83.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 17 Nov 2023 04:12:30 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://controlc.com
x-hostname
fen-hoothoot-europe-west1-spot-t7vj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 17 Nov 2023 04:12:29 GMT
img
sync.mathtag.com/sync/ Frame F049 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x31 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 04:12:30 GMT
Expires
Fri, 17 Nov 2023 04:12:29 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x31 config_version:"1369"
usersync.aspx
dis.criteo.com/dis/ Frame B2F7 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Fri, 17 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
242717
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AD5C 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 04:12:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GQP5JTM6Q246GS6265W4
Pug
image2.pubmatic.com/AdServer/ Frame 2868
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E745
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6445747934427449614&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6445747934427449614&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ad14c7fa-2856-409f-a85e-7585c0b68150
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6445747934427449614&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 15AD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302279134389139599&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302279134389139599&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 04:12:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302279134389139599&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 2FD8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 04:12:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame C411
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=031db250-f8fe-4eaf-828e-073140af5da2&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 03:49:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 17 Nov 2023 04:12:31 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
image2.pubmatic.com/AdServer/ Frame B56E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdFNFN0tyZEFBQUJVOGNNNm04dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABtSE7KrdAAABU8cM6m8w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABtSE7KrdAAABU8cM6m8w&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABtSE7KrdAAABU8cM6m8w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6168569590249815123&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABtSE7KrdAAABU8cM6m8w&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABtSE7KrdAAABU8cM6m8w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 04:12:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABtSE7KrdAAABU8cM6m8w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame CAD0
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb95334c93fbf4649b8c05728128875c9
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb95334c93fbf4649b8c05728128875c9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb95334c93fbf4649b8c05728128875c9
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame D8A5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 17 Nov 2023 04:12:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame B36D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVboLwAAOeqJBQBU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21026-AMS
x-timer
S1700194351.318167,VS0,VE83

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 17 Nov 2023 04:12:31 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVboLwAAOeqJBQBU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21026-AMS
x-timer
S1700194351.066573,VS0,VE82
bridge
cm.adgrx.com/ Frame 506E 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 04:12:31 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
Pug
simage2.pubmatic.com/AdServer/ Frame 887D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 04:12:31 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Pug
image2.pubmatic.com/AdServer/ Frame 10B9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455422232211553
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455422232211553
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 17 Nov 2023 04:12:31 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455422232211553
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 1F05
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377349369375825056
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377349369375825056
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377349369375825056
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame B0AE 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 04:12:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame B16E 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 04:12:31 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-d614ee3609d5@version_1.576
X-core-time
1ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame 0A79 		0
0
merge
ce.lijit.com/ Frame 67D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=0D6E816A-664C-47F1-814A-17779A42A949
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 17 Nov 2023 04:12:30 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-MERGE
GDPR Optout true
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DW6BamZMR_GBShd3mkKpSQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=104865
accept-ranges
bytes
content-length
5622
expires
Sat, 18 Nov 2023 09:20:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3A29
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.134
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.22.136
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 3A29
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810828802
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810828802
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 04:12:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 04:12:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810828802
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 3A29
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0D6E816A-664C-47F1-814A-17779A42A949
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mzkza0o1LS1Gai1RWE92WE9CLXZNd2lIUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5391045297437159480&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.50.95.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:32 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 17 Nov 2023 04:12:31 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEQ2RTgxNkEtNjY0Qy00N0YxLTgxNEEtMTc3NzlBNDJBOTQ5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGErtJIPOdJWYpjfODEQxAA&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGErtJIPOdJWYpjfODEQxAA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGErtJIPOdJWYpjfODEQxAA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3A29 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 16 Nov 2023 04:12:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5391045297437159480
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5391045297437159480
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5391045297437159480
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3A29 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D6E816A-664C-47F1-814A-17779A42A949&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iewQjvJE2uWdDRZw8nPDm5sWQZpMrZY-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iewQjvJE2uWdDRZw8nPDm5sWQZpMrZY-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iewQjvJE2uWdDRZw8nPDm5sWQZpMrZY-~A&gdpr=0
date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0D6E816A-664C-47F1-814A-17779A42A949
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3A29 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0D6E816A-664C-47F1-814A-17779A42A949?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1724224eb72918fd&is_secure=true&networkId=17100&version=1&nuid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH2-1_9rTdYQN9elkZAAAAAAA&expiration=1700280751&nuid=0D6E816A-664C-47F1-814A-17779A42A949&...
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH2-1_9rTdYQN9elkZAAAAAAA&expiration=1700280751&nuid=0D6E816A-664C-47F1-814A-17779A42A949&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH2-1_9rTdYQN9elkZAAAAAAA&expiration=1700280751&nuid=0D6E816A-664C-47F1-814A-17779A42A949&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3659974528374296936&gdpr=0&gdpr_consent=&us_privacy=
1 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3659974528374296936&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 04:12:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3659974528374296936&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dfa634a4-55db-4c11-89c5-1cec3e9a3de0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dfa634a4-55db-4c11-89c5-1cec3e9a3de0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dfa634a4-55db-4c11-89c5-1cec3e9a3de0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 17 Nov 2023 04:12:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
generic
match.adsrvr.org/track/cmf/ Frame 419F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpM9woxovzRHiyQrdOf3cM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpM9woxovzRHiyQrdOf3cM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpM9woxovzRHiyQrdOf3cM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 419F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 419F 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3702764178380423787739&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:30 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F22F5B3C6883426D96B59F5401C76043 Ref B: ZRHEDGE1815 Ref C: 2023-11-17T04:12:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKUVheOi2S/7jQoFzeQw==
xuid
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3702764178380423787739?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-uO.IsU5E2oRLVKmm9RzGikVxkJoC.rrVPC68ntOVSQ--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-uO.IsU5E2oRLVKmm9RzGikVxkJoC.rrVPC68ntOVSQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-uO.IsU5E2oRLVKmm9RzGikVxkJoC.rrVPC68ntOVSQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3702764178380423787739&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=dec256e1-9d52-4e49-bba6-c7248d7b9d8b&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=618a9eb3-5ba8-4691-8c50-55dd42f94a36&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=618a9eb3-5ba8-4691-8c50-55dd42f94a36&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Nov 2023 04:12:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=2409&xuid=618a9eb3-5ba8-4691-8c50-55dd42f94a36&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 17 Nov 2023 04:12:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 419F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
232255
expires
Fri, 17 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 419F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6445747934427449614&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6445747934427449614&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Nov 2023 04:12:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
an-x-request-uuid
5b65f744-d01b-4910-8769-be7aa19f03d5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6445747934427449614&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 419F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3702764178380423787739
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
an-x-request-uuid
bc4c9514-cfc9-44d0-a4c1-b7680f987131
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
s2s.t13.io/ Frame 419F 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=3702764178380423787739
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F78D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9789229386991&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F78D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9789229386991&version=m202309260101&ct=76&x=38&cor=3261320598423061500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F78D 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhkLVm8ImZaUW9on6k2VDx5xCiV7gDnkaS3NrKCVnKPzF5aqDVn5QDxsgc4-sf4VMCweSAdlsfBLR1dX04aiF633pKXrmIEgnkg_EVx7N8dHQ8oDw0L842NqaGIzd9Dz-8MnVX-KFjGQDcseD-0myJ8-7Xc8rKLepBNz5WAcRlvT4D4GE&dbm_d=AKAmf-D-uiePByXrCYo7oA5eJsNhC4R3b4Ds4j17rhtOLRg8Bt3sOjkfAAJDgvq_iAfZGFhPLhu8CaPlIzZZsl10CvMEV5No_rEQ8i6Hnaz6xMlb5wLk7jKuOtnprxKUDTZbGneqljiAoP4n8l2MTzoSnAJxxpn9Ll7YC4bSwxhQrRHeVidiTZcKox8viLpwz6uQdVtM8Y820s3s4Cg8DeJQKoopfb116th4Q0Io16z9_3ObYeVrzl0PSUzsJEu4KzEcWjhP4YaAurifvUjlVHs7IBDkNj_gbofxSDIeNIDJKyz9bb913gQ2GFbSlkfV5sdxhu0kLwFC7jVOVCSfVdYUgmt4y2-XCKKxgZIKEI5d488xAPKuZI2CEHbvbob71kRmwuOHvrV2Ug9CH8-MQwGdTvfbTTR7JBOyY5QspTWpmLLevCJGaJfO14jL3E8UJCOpJBBGuHt1OprE6V4thdmh_iX1blmtcdtMDErsDhiPA2MNFVxybpsga2_thq2QLgRxonze4je1lMEfp-zIKnaEzjajBkZI32_brgOmChsJ7Zik_9ZpH3_VkGUwGck7aArXAotuSg48I6ydtXa6bejPIwqze4gI5r4HmqR5G9RPJtAup9LLFnPK-ry3BoPCePBQO0mgH5fAqm2S77CCC3jOCyA0fu0eYVFDBFJTrp8GwCFfKYZKSFkz92ragZ6WUUD4lFQs_-_56OiuxYT6ahg84mv7_m_fOjykmyNGFC2dGBf-tuln2Lfj-CHd-QickseqAdgOrhdteLDO3C3Wls4Ky97Akcd3QQR_HE8Yg34XKnILxpc7TClBZgqYJDNbwKjrZuE9yhfdA4-OXPYgu1KPjJSM8Sd8601lB7z0aClJv8RG-e1Hnh7Yhm7p-4ORL94Tm8e__FrT0MhBgPNZICUYzv9ae_hgXDLRfQA4wvTp33vn7fVIdjKDcMoSsKtGGjVJrVk8AvlUZENg3v2KQHd0C-F705SIziZMCvODDX-Ke6NVDaBZddLcpPzlTxzSkQhvbPh7hvlMuEpdMSGvDGbpCLcfkeQpWy_I2onQXv3eUBjZkzdRU0xszTsYOHqTxromrf-aQHRQ9fOzBmJYdLwkTCGZ-d6p2-fb3N43EybAd8Ro8LXmLLrHmrbufKjQ98a7YIpIQOX3HcOQeE_gBqpFSU3XnbRgX4ackRVbz4D1yQ7nJstPckrHPv9WM3Js4G6lNt5VNAjmGlm2fvL0XS5kzZiltE7rphHUxGEl13I9JpAG5py0C1DoSLX98vnOencxMOPWy_B3GM58L4lhQ38qL9dYVnIPY5SVZJT1gjHmIU-Y6YiWtBEIPmcJL4xA1RXiWTWarGEea1mTZy_97ZPehQa2aj2RuyU4BB6iUhGp8SmNHLxnjZXeCWkhcEpV8TdJe3RT7hBnrAE32xo0VEg8Y1_TpTjf50-eMCQ2WDW3IrVPO8RRjKZQq6G3Bym7ERyctNWvhVzmARbWbGvnM97HN9J9XLihom4YRZi5krcKHu656SCYk_62aDGKYonC_5tfKEjkKv582oevWwd3uAjtK2E-7k0Geb5pPdiY6RElRTnqnd-DX-JPoQUtnUfSepbaEmWhRHgmIQR-clFOpBizUYm00hnSGzXopbiSBm7XOBiLwc2dbPQZBPPqdZHzV2CdGyp_WhiQUo1wd9UqCeiBN_ip9aShbFmUdXAkpBhR0PYDIEV4FtnxbIu1W0PkcoU40Zq4pJVLJE668IhEmfWveCxuejC4CXDFmkEvekj85IKiMKmSWYamlF70UJa14n5kw4hqchAnxyXdcIRfh7sDegLBs2sEU3ng8NN0PmhY83ktP7RzCcnfaYilkdDHQdFeQy9I1xEMmkLulrJT9XiGdZbWDnFHYFvpWTgD7mPSyGVl5URMss7RruaegMQ0Vs61pxKhEFGlSic1FtcFYAEq3UFapb5w76XKA0D5qMZkstU75-1IaKzYyARV8on2JN3CBP2JVv33ZlqJIUB11GDS5mDZPXibjKJng8XDDjhpXAcEdMxuZmVqLqvN-sdzoIxU822Lx39-FlMsIj2s6PCWgnGCLxzKf0islXKRAVDKoXHWU9gVAZlrpttceuVH9MXM13QtV0ZmuBgp-aRC4W1FhBFh0GJNXm8qWEjm9gQHvAoBR7QKMB903UaCVWdG8DVGaqlah0I8ATLRBSHGrhqkmqqmB2OgNhSIjFugvGvlg5KEGrlP-saR46m8rIzz5JGIjosOCkz3p2iAPpr_yMuR3dK2yuJana6wvyLzc6kToWcJ3nmBvN7mltH0SGO5bwtBw4fQcXM6y_B18LHNd4p27KhnpVEjd32sNh6RC4fFv9nlALgxQ1UCKzlZhR9Y-dHjvTq3-5C1-5v8zOqPNBFmCKR2QYqGsN9lDCG5CuX9RoeDQzTlbQeF-IAaRqpzB1-e-puGDqSu_5_EWibML9Wfo5u_vYy__O2QfrTwZNyWH0_Z-rJ-gxx8eYq-kzFXu1w5uG1sGe_c5O6yCTacQ3nw2OpDM33hRi34snIt7v5cGEql-Q_7dkZdltT73j6atnv0v368VOfiIPook5FyK2UZuwE9x7CpxIszkg0kUmb8jftNfNg-Qsp1tuUqpSW3rXD99hVpPvtjfznac7xVq6RPCdsL1by5vja2Vm-OSWJQ1IvYMdsYA4MMgPr4M-ozyBu4BCauvAIT-naxqL52HmUpCOU02m-CSzLSse930j_Ohln1nLegPEUQPTPGkppJKRbiQzZzCSRQwhLmyaweCDijxmPdz0y1vwAQ8ug-EaH5-RCDyqSBjkWCc69w8n9ZHFQOKl4tUcQy5voGYTQ-j2PVBooIlu8N57R9MAoV72x90_D-Fq3q-qRoE7JOCJq3xkJKgUsy3ER2U2sRZSsdURDaQ7OYnUNyJhaLs5uchW5Xc7pRIvUK_V5PEd0dP3vU5WlCI84OV0t7_C2AHUOV_eSN4WPFBgvz5BiJlTaFsve8TVDvdlOWvzYYG3akZ9nyTC_9qwV4o6g9CMMrFhbuFXoeJbmN0Lq70O31-O5OkzOZEH_hgmw1ke_w7l3A4EgHVXfuTBfq_spUJYQVJ3TkAwKOPqMe1bNO2No-I50JoBjg0zHd2GRqtVK2u_jqiBGZ2hSga3llGJ0OxDPe8lbT8Eprk-hkt5KxhidKCwQLuVdNohsu-0GoP6XM7FuUvgjLE8WwPBPbk-7OX_K2fBNhbMM7f5R6hmZyRxz0BPj_M0xbQO_ZWIjpEwxxeHbKcWBnxGtMNoZPOmfSXcIbMGNgryt7LpOfPzIqhOFA6Dt41zV3jUA5nNnOrtw8pC5HczyxCKcNfCX0EQKCqLdnMrOGfithhKSNinJE4QJzlWEopHBtZjtFFRiPbjb6H-ip15jy6qmqTXCGJKStRhgHe7iy28NoMleAbXXZYV9nMvWxQx5YUtd57TWegdaPOcTxdxoNzR43m5ATQ1UTD9lJsYvJ2lrd0gAJ9iB550pZILCGaEQxKeaRJ_wV7aKL0iXfItB2Wp6etJdBoQjhSolqc1Gp72aUJuYSPC-V18g9XAnIXv2zt6rVyYOVq4QIbdMPpTp42BFC1-sT5_bzBR6hOF68ie8pQGYvbY53Mgajo49F4fa8E0EO8TlroYTVSyb0lON7kOLQEyGUO7c-4eJLSo9-xDcfXv4X4nagrg&cid=CAQSMgDICaaN5QZT62Qe17x_vNBP053oJuCct3Vag_NjD-GJNiKDSTvCe1HLRW-SvyYV7kuZGAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fcontrolc.com%2Fc867d83d&ds=l&xdt=0&iif=1&cor=3261320598423061500&adk=2198499454&idt=463&cac=0&dtd=184
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
262154738151ed97e804c8c5095c3ccf2ba55a8bbe49958bbb266d7220e43275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38674
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9419705855894&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9419705855894&version=m202309260101&ct=77&x=1&cor=10064233596252742000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0D6C 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1NVDw1NB2ruBXHYhPjsS7QhwEkudeKKbGlOz5nckRIAzIgmeBeTjPT3XQk3Xk9OjYnZVArz32hYgn7z4zjzqRqLHJV5qJoKFtgoqwUiKa4jpnm-XY8hR012xUUJ5KqenxB-fvXv146gn6Ggg_atceW1ElULlvw1wc1gljYEqp_C38m6U&cry=1&dbm_d=AKAmf-Bht1qBFN50OTSs5no0dj6225jdsWVZzhFN0uBGCJqu7cW1y84K6gbUdqGHcAYUitUmNK3Amv8F-IdKqbzyUQv3GRw3ZiNB-iXjzOXjQs72HP4u-d_84HZs4o3P0zUNWCVhHYNOomZefpm9LGR8a5GXE9vG8yBENUTsnnyDW7wLg6DP8oRO7TMUzPGUdIxRJsKPNUhGvAFIOUtJEp9aWly-7zip9B2LO6Cq4TW5JDUqSVcIY0T7PGHS2d-FzD5V4m8rrYRr6uaraS3rACHWgZ1Z8BLtte_F-P8_gUnJHMQ3CQkQCCmpMaAQDrpIfBM_mcAzVenifHag2be92w-S025phcxPrpk0Xij9_iRtQ3Boku5VjnoGraqgPD0TGEVWv_mZFSGzSKOqrTJWaW7XfOL430kS2Jh200z8-8E57HkBMom55tm9LrosyleQXfSyEEIQXSRqf0zWvK-KEPrCJ2wL-K_aaU3Se8qF5InQAMtI0o12QCLee_L7T-h4Gxq8enWCJtPRNf_q0eDGQZsMSbHZY9aBoogfH1298pL75XK2-FE038uZbIwFezGfIMyGNLhNQZRBdW-tK-iGvkfa2_4TDNBwEXvuuiic_m5y6JKRTZdWwVeQqH7fgNEfdUItnAZM-U3vBmnHSKIF_rZ2xMt7-YBcy0Q9DAmgU6iO48hoJjHh_Mmj3dZuF7JrlN87Db8ERo2Eygl8gwiU01GfzH4HvVmgSp0G5ICgOw6gjlbY7TZKHb44kVq0RISqRegDnmLNfngfWdBwfK9Rxvm3SCaXUN7q5iRpexuiazwc9UBvQBC5VkgEaDRdERq_rSBN54aOhJfu8iEP7zFoDEtAZgD0SPqe_hQbk8fNLRWSbo8XSF6J7flWpdoMmkdE0Reav6TMBx3HdMcW9X4AS3M_D-bW5Vce86uKt7KuQdKgr__dJnSfZk2u47SWUgWOfM3DcFkiGa2AtL_upq0ejGtl--RNdt2BBcK2HC0xr44OMvd_eA7V8H0XsJJTPowukiF5ra8ChcFS60TUJTvLGjiqVcb4yyUy1YXZ3kOhwbRGweSu40ysSgtVTdcwTtKFWfm3UoD4vhIb27YAKyiNbRZKVMT2DT2_vVXmp-r5piTVebGxAEgnJ5YEFJq9n-nXfqONikLisvXIUV-II_WgpIwFnyOkFFH6pSWlJnHuxH-b0NyvQlT9iHNUZkr_vwk7Kscf22ZpV2d92awnzDQzEHhwbJoFJ4OdmT41AipGOVz8WafCUsuyguRPRk4NuPdeRBq7sh8pLxm8PmI2injSzxUER64D6qelLoqQUM1uLKRTR58dflt3yHcDs2Q7gGqri_RlF89TM3gvFbItDeqcc48ycA_UTxRYgL5x39jltAGaJbD455kn48SwI4ojBan10FHJU0-_cWhyIQPIxTgvLH0APeIYe_z96H8phqR6c6KqPgdkiCgsBRmdzWCdKQkXu0Ri9gNRqSwncATn--C9AYQBMsz88oLJuZZFprc3-zmfONikIrs3kU5K3HZBjk3DisCyJfrp8pwvDRFn4NUfh4_rYqy-rxXFEQOAavXuMUiaeEozdDXZ3p8O3LpXLtlTesF9tv3aikLV81-sAK3lSDGeOIbDjP_Y_JQygm7PEAy14hCLzxaMrVPm66JcjF2IksGRvvf26fNtnDFF6BQmxFtOaswLE9qXpLviOrCNozOLGCe-GBsloYk74c8oAxIlUWWYhn44j4NFRjXvN77qUcsXEylxytXALTQkwyt9iU1UqvsxT2vPNoJcPi3sW7Jr2VYJkrLA2S5xSlykZzESBMSzWHCR6URBcWk3HjimAtfYDFW0vTXzRrgzyELsm4T2xqHsyPS2GUR28VK3aBiBtOF7ooxUb7j2jdmisny7npHjxLcmV3wpt1gObNlqE6fFW4-ugH5BA-P546HAYIcGc2Dj5MyHFF1XrgEIikVeOXJqABMIIrVJJzD4q3xcfeCQxbR0wZtebuzA4T_gighbakcslHk2Yd-cDSMsRAmUVmKBDPcADWME0LiZBZ39lqp_DaoeIqohdmykMOk8ZVgTgt4r4c8QnQV5zZbm19EqoI8-UQstOYg6mMJ1_nIs-cqQMht0kzPwfXjnlfzwmPgS63o77yovLtgXGxLrN7juWo4MtPb969PA3WvunboD1CtPBZTpPSxY4chujPU1PZnUgHj1d2725p-l-kKflI65mZ6BCXg5LX1noeN6yBR1N11JJ2lRXP0DBryCSNi-lZV7gygtVV-hu5LD3nGCdiNT0Gul45Z_9I9OEncMbwl4pnNb9LDvdfWmcpsGo-VZ0LWYKmc4gqotFy5DsB3Xp22KxoBr2oEl0em8_AK2iIEa8NY1qLE6v2ZW1rv4RgEbtIbwmAbjslcPTWYIvzjZcb_em1ccMU8xyq853qw-afJLIEvoyHku0zuWmXCHzkKzw37igRCDLVMQirKeAuatpeXiX13SGxWY1Gq5Gy2hxe9rTXKmT99ILTVZF5pLBtEMg01V43lqeFWZtGk5vXOpGHJj4Xkay5UKvmsnFu9fj2N8GWaTMlK4XEUzgaDtujzJqlPTlnC7-mONX3LXczn6WC4W1n86Sd9Q6DA5W_bIaRDJXa1Z68q58NB4Eazr2O4CBCcqK-ZIHh4No1xaKZuLjJgGnsQ0uHvKA5Dwwah4c6P450fnXrzjSpYVHD1xYBykMd6nnDxgzjD9DmXiGwm6JTmsGWROP0GWcr2DJ42QuOa1T04sJO-sfnvIx99PoHh7o5V2oafsPtc8sc7rY53T_Jpcp0JslSzFbn9NTT5Rj1Z5d84ZRs_mleBn7Xee21RHpXHgNTqhMvJF0pNUarrwEPxWfr7vTxfoUUT2hInCXmpb95e_A_3g840Lq7h_nz67jMuIPfmb_whQaAhYM0DzHRgujL4hI8Qe8ly6Xwo0fcVlNbA9SCQI4R6vFnJkKDnQHgrCpZ5lvCKtZU_wDHA108fh_nfWIf18ZOI91JjPjaD7OIzp5NV3dTL_3nYpkv40cC07G31hY9qrRm6EnVWChLltCT4dlHy9KGGNgV5Z1O6qlxcKJwEP8ekoccjU-Kfqff7P_srB0hU4AbgQO0FrkmaOv9sMK9EcDXblDIkLM5EEoJLz9uqE7K_gG-NIv4yTpEsb9lV2Y2fe_fECMTCGlHYzCcIURgIaQsVhKJXsWJ9Oss4r8YZcy3CoFWoA0C63jGBocvHUhMF54iLs9_fl6z2qBpEzEV15wNY4ZM0IopGYithDhTXwEzz5Tw49IIOhiKJ9GXu6dvUCduAa7GJlqyQ4TFiFoWAq4XHtz78YKIo5U2CxHMNOtFqzSo8Q9F1aqlDF87qHOA6MzRMgpcVJhNe8tdmEAlGRdNMBTDRREJt0qtOjnCQg8Eb06wC41EktAAG0OBK7tRZsDZ0EFnEYySVjBXhkCwT1Ka6lFAfpOurazH5BQGkarotJo31GQK1FsRsatwSdPx1crDm2EbfR80KQeXED_F_85rPHKAqUpWAqkBMuJwYzcQ2mI1-eAoQ1uxvuGmbv3gCw0TrIz_i-dlH7L7dI4RZnDa9Y-FzEnnJRRiC2_WyzxS30MyZ5sDvH7NnVljnt9kPlPFo3U6ya0Uj4lE6-RX6UYGGj4sAZ8lKgjTFpK5l2x4BJwVJjgH-vvosV4daUW7RY7GWeW7YOlwonJvrd2NXupA3Tc6uQSNoOoUVTnj--aM8YBhzMmBWDUz6SN62Xhs4NGPX3QseDLxHll_xWyLGPtpp_q-jjdRI1RW0YBwuNtoeZ_3IC_KGBLFrcvULxy3apcMgd6MwnpVAg2VWh5ACWyPHT2U1An-joe1hz7c8VrCMG0y4jYA7lj24SQ38lKgYP2bm5cBemvwDnQiccaitD0dONhLXISgqtkADbItqKfVZcUTU_qQ9QsDJ8pplfaNnWGkqDwA&cid=CAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fcontrolc.com%2F&ds=l&xdt=1&iif=1&cor=10064233596252742000&adk=3944675600&idt=446&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6fd403284ca5961eb216859a939ae0155823cbeb814171721f9c2d06e9b7ae5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14003
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FE36 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUTPYN3xKEJ8UXokgTn-vAyFUichf5umopHA4tnMJgEUDVVp4kS-VwPHmyiCJw7pUmP0uZbldQGJ4HfNboz5SRoKirgtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FE36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&C=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUTPYN3xKEJ8UXokgTn-vAyFUichf5umopHA4tnMJgEUDVVp4kS-VwPHmyiCJw7pUmP0uZbldQGJ4HfNboz5SRoKirgtQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sk5fO2bg%2Fc0A4TxJJAd1B1y6voDYss0LJcKCq9McD3lCxQoz7TQpgdNmaUcViKMnjvav%2BV4Q3aXuv6l8ocmkygp%2FLd%2FYwbBkVr1hVs89uj4K6hsH8JgptHgKwH2SSUQeqUpAUJOuR00Wsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522cb187f01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7%2BCOkyn1acX9XrbDLd3WUsH67V5n86ZQtGQ3zNaxG9McSMq3wadXQxZScsNow%2B62Ne5OIlHEGppLuCYshZ%2F2%2FadiQ7k7rDHQWnYM%2F7Cc5HEG8g48Fsc%2B9Yz451Nwj3UNN9r71jXW3%2FL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&C=1
cache-control
no-cache
cf-ray
827522c97b433b52-GVA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame FE36
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVboL2W604ow4w.0eyPOEgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUTPYN3xKEJ8UXokgTn-vAyFUichf5umopHA4tnMJgEUDVVp4kS-VwPHmyiCJw7pUmP0uZbldQGJ4HfNboz5SRoKirgtQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gH%2FMVVoUOsGjQ1WKhMOtaq7ORxSdvCQZzEO6NZ2NoxQvZR63FEoIiFpdi3qL2M3qwq41oY3%2BIFbbtQHwcXhIVlCAQJzjFTFmaC%2FdaoxGJZ4Q0hPLOzp45RypJliz%2BURXWRkGVOYkyeEeUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522cd2a6901db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame BE18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEJxfFr4njTraRWOYso3Ulaw&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJxfFr4njTraRWOYso3Ulaw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=79d2b1fa57fcf812964e2c2b768a8c3a&uid=79d2b1fa57fcf812964e2c2b768a8...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUInmTJZimVZisUCgFJlYhhdsf5zmWPDHdEyu1_hpkfwHUhcHoC39Ck7XbO_Pb5lRpJ1xPFRPWLixpOngel6aXjb1zZeAbPHcNVNMQmINpsvGNHiLY
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:32 GMT
Last-Modified
Fri, 17 Nov 2023 04:12:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE18 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUInmTJZimVZisUCgFJlYhhdsf5zmWPDHdEyu1_hpkfwHUhcHoC39Ck7XbO_Pb5lRpJ1xPFRPWLixpOngel6aXjb1zZeAbPHcNVNMQmINpsvGNHiLY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:31 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame A666
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gp...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3...
2 KB
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4224c100ed3ee83211bdce69aebc3f37e2bd4a6b26a54db5c931fcd7f7a6b7fd

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827522ca1e1501f4-ZRH
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 04:12:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UEw9QFc5p6%2BlIVSnEwpivKkyTsKEcMOPNyqRzToq1uHUmUPSlb3Xt9Ff4pViIocp%2BdJwvoE9UX0w4jaWY21OEubou3qgaNLE4iJpiP16KJwYkRJ%2B%2FALWPjevomDz2UT4uqc8M4CeR2%2Fuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827522c95d1e01f4-ZRH
content-length
0
date
Fri, 17 Nov 2023 04:12:31 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31%2F2Relo9WlP6R5c%2F1TgSf%2FZRICMsqpoIiyHPcdMXmp5tHaSivYFsyPWK%2F%2BYFNE82HHwDgT9BoWl00nLw3fcN%2B2LSFEaU4l1e%2Bpkd%2FFn8dU3ahVD989UJxo2OiIpxsi1oIepM4xJPeLBvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0D6C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1NVDw1NB2ruBXHYhPjsS7QhwEkudeKKbGlOz5nckRIAzIgmeBeTjPT3XQk3Xk9OjYnZVArz32hYgn7z4zjzqRqLHJV5qJoKFtgoqwUiKa4jpnm-XY8hR012xUUJ5KqenxB-fvXv146gn6Ggg_atceW1ElULlvw1wc1gljYEqp_C38m6U&cry=1&dbm_d=AKAmf-Bht1qBFN50OTSs5no0dj6225jdsWVZzhFN0uBGCJqu7cW1y84K6gbUdqGHcAYUitUmNK3Amv8F-IdKqbzyUQv3GRw3ZiNB-iXjzOXjQs72HP4u-d_84HZs4o3P0zUNWCVhHYNOomZefpm9LGR8a5GXE9vG8yBENUTsnnyDW7wLg6DP8oRO7TMUzPGUdIxRJsKPNUhGvAFIOUtJEp9aWly-7zip9B2LO6Cq4TW5JDUqSVcIY0T7PGHS2d-FzD5V4m8rrYRr6uaraS3rACHWgZ1Z8BLtte_F-P8_gUnJHMQ3CQkQCCmpMaAQDrpIfBM_mcAzVenifHag2be92w-S025phcxPrpk0Xij9_iRtQ3Boku5VjnoGraqgPD0TGEVWv_mZFSGzSKOqrTJWaW7XfOL430kS2Jh200z8-8E57HkBMom55tm9LrosyleQXfSyEEIQXSRqf0zWvK-KEPrCJ2wL-K_aaU3Se8qF5InQAMtI0o12QCLee_L7T-h4Gxq8enWCJtPRNf_q0eDGQZsMSbHZY9aBoogfH1298pL75XK2-FE038uZbIwFezGfIMyGNLhNQZRBdW-tK-iGvkfa2_4TDNBwEXvuuiic_m5y6JKRTZdWwVeQqH7fgNEfdUItnAZM-U3vBmnHSKIF_rZ2xMt7-YBcy0Q9DAmgU6iO48hoJjHh_Mmj3dZuF7JrlN87Db8ERo2Eygl8gwiU01GfzH4HvVmgSp0G5ICgOw6gjlbY7TZKHb44kVq0RISqRegDnmLNfngfWdBwfK9Rxvm3SCaXUN7q5iRpexuiazwc9UBvQBC5VkgEaDRdERq_rSBN54aOhJfu8iEP7zFoDEtAZgD0SPqe_hQbk8fNLRWSbo8XSF6J7flWpdoMmkdE0Reav6TMBx3HdMcW9X4AS3M_D-bW5Vce86uKt7KuQdKgr__dJnSfZk2u47SWUgWOfM3DcFkiGa2AtL_upq0ejGtl--RNdt2BBcK2HC0xr44OMvd_eA7V8H0XsJJTPowukiF5ra8ChcFS60TUJTvLGjiqVcb4yyUy1YXZ3kOhwbRGweSu40ysSgtVTdcwTtKFWfm3UoD4vhIb27YAKyiNbRZKVMT2DT2_vVXmp-r5piTVebGxAEgnJ5YEFJq9n-nXfqONikLisvXIUV-II_WgpIwFnyOkFFH6pSWlJnHuxH-b0NyvQlT9iHNUZkr_vwk7Kscf22ZpV2d92awnzDQzEHhwbJoFJ4OdmT41AipGOVz8WafCUsuyguRPRk4NuPdeRBq7sh8pLxm8PmI2injSzxUER64D6qelLoqQUM1uLKRTR58dflt3yHcDs2Q7gGqri_RlF89TM3gvFbItDeqcc48ycA_UTxRYgL5x39jltAGaJbD455kn48SwI4ojBan10FHJU0-_cWhyIQPIxTgvLH0APeIYe_z96H8phqR6c6KqPgdkiCgsBRmdzWCdKQkXu0Ri9gNRqSwncATn--C9AYQBMsz88oLJuZZFprc3-zmfONikIrs3kU5K3HZBjk3DisCyJfrp8pwvDRFn4NUfh4_rYqy-rxXFEQOAavXuMUiaeEozdDXZ3p8O3LpXLtlTesF9tv3aikLV81-sAK3lSDGeOIbDjP_Y_JQygm7PEAy14hCLzxaMrVPm66JcjF2IksGRvvf26fNtnDFF6BQmxFtOaswLE9qXpLviOrCNozOLGCe-GBsloYk74c8oAxIlUWWYhn44j4NFRjXvN77qUcsXEylxytXALTQkwyt9iU1UqvsxT2vPNoJcPi3sW7Jr2VYJkrLA2S5xSlykZzESBMSzWHCR6URBcWk3HjimAtfYDFW0vTXzRrgzyELsm4T2xqHsyPS2GUR28VK3aBiBtOF7ooxUb7j2jdmisny7npHjxLcmV3wpt1gObNlqE6fFW4-ugH5BA-P546HAYIcGc2Dj5MyHFF1XrgEIikVeOXJqABMIIrVJJzD4q3xcfeCQxbR0wZtebuzA4T_gighbakcslHk2Yd-cDSMsRAmUVmKBDPcADWME0LiZBZ39lqp_DaoeIqohdmykMOk8ZVgTgt4r4c8QnQV5zZbm19EqoI8-UQstOYg6mMJ1_nIs-cqQMht0kzPwfXjnlfzwmPgS63o77yovLtgXGxLrN7juWo4MtPb969PA3WvunboD1CtPBZTpPSxY4chujPU1PZnUgHj1d2725p-l-kKflI65mZ6BCXg5LX1noeN6yBR1N11JJ2lRXP0DBryCSNi-lZV7gygtVV-hu5LD3nGCdiNT0Gul45Z_9I9OEncMbwl4pnNb9LDvdfWmcpsGo-VZ0LWYKmc4gqotFy5DsB3Xp22KxoBr2oEl0em8_AK2iIEa8NY1qLE6v2ZW1rv4RgEbtIbwmAbjslcPTWYIvzjZcb_em1ccMU8xyq853qw-afJLIEvoyHku0zuWmXCHzkKzw37igRCDLVMQirKeAuatpeXiX13SGxWY1Gq5Gy2hxe9rTXKmT99ILTVZF5pLBtEMg01V43lqeFWZtGk5vXOpGHJj4Xkay5UKvmsnFu9fj2N8GWaTMlK4XEUzgaDtujzJqlPTlnC7-mONX3LXczn6WC4W1n86Sd9Q6DA5W_bIaRDJXa1Z68q58NB4Eazr2O4CBCcqK-ZIHh4No1xaKZuLjJgGnsQ0uHvKA5Dwwah4c6P450fnXrzjSpYVHD1xYBykMd6nnDxgzjD9DmXiGwm6JTmsGWROP0GWcr2DJ42QuOa1T04sJO-sfnvIx99PoHh7o5V2oafsPtc8sc7rY53T_Jpcp0JslSzFbn9NTT5Rj1Z5d84ZRs_mleBn7Xee21RHpXHgNTqhMvJF0pNUarrwEPxWfr7vTxfoUUT2hInCXmpb95e_A_3g840Lq7h_nz67jMuIPfmb_whQaAhYM0DzHRgujL4hI8Qe8ly6Xwo0fcVlNbA9SCQI4R6vFnJkKDnQHgrCpZ5lvCKtZU_wDHA108fh_nfWIf18ZOI91JjPjaD7OIzp5NV3dTL_3nYpkv40cC07G31hY9qrRm6EnVWChLltCT4dlHy9KGGNgV5Z1O6qlxcKJwEP8ekoccjU-Kfqff7P_srB0hU4AbgQO0FrkmaOv9sMK9EcDXblDIkLM5EEoJLz9uqE7K_gG-NIv4yTpEsb9lV2Y2fe_fECMTCGlHYzCcIURgIaQsVhKJXsWJ9Oss4r8YZcy3CoFWoA0C63jGBocvHUhMF54iLs9_fl6z2qBpEzEV15wNY4ZM0IopGYithDhTXwEzz5Tw49IIOhiKJ9GXu6dvUCduAa7GJlqyQ4TFiFoWAq4XHtz78YKIo5U2CxHMNOtFqzSo8Q9F1aqlDF87qHOA6MzRMgpcVJhNe8tdmEAlGRdNMBTDRREJt0qtOjnCQg8Eb06wC41EktAAG0OBK7tRZsDZ0EFnEYySVjBXhkCwT1Ka6lFAfpOurazH5BQGkarotJo31GQK1FsRsatwSdPx1crDm2EbfR80KQeXED_F_85rPHKAqUpWAqkBMuJwYzcQ2mI1-eAoQ1uxvuGmbv3gCw0TrIz_i-dlH7L7dI4RZnDa9Y-FzEnnJRRiC2_WyzxS30MyZ5sDvH7NnVljnt9kPlPFo3U6ya0Uj4lE6-RX6UYGGj4sAZ8lKgjTFpK5l2x4BJwVJjgH-vvosV4daUW7RY7GWeW7YOlwonJvrd2NXupA3Tc6uQSNoOoUVTnj--aM8YBhzMmBWDUz6SN62Xhs4NGPX3QseDLxHll_xWyLGPtpp_q-jjdRI1RW0YBwuNtoeZ_3IC_KGBLFrcvULxy3apcMgd6MwnpVAg2VWh5ACWyPHT2U1An-joe1hz7c8VrCMG0y4jYA7lj24SQ38lKgYP2bm5cBemvwDnQiccaitD0dONhLXISgqtkADbItqKfVZcUTU_qQ9QsDJ8pplfaNnWGkqDwA&cid=CAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fcontrolc.com%2F&ds=l&xdt=1&iif=1&cor=10064233596252742000&adk=3944675600&idt=446&cac=0&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
344442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:49 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE5NDM1MTIwOTQ5OQogIHNlcnZlcl9pcDogMTQ2NTI0MjU5CiAgcHJvY2Vzc19pZDogMTI1OTExNDg1OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 0D6C 		0
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE5NDM1MTIwOTQ5OQogIHNlcnZlcl9pcDogMTQ2NTI0MjU5CiAgcHJvY2Vzc19pZDogMTI1OTExNDg1OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzMjE1MTQyMTUzMDc3NTAxNTI1CmRlYnVnX2tleTogMTIzMTc4NTU2MTMzODEzMjMyOTkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIwNzA1NjAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM3NTA0MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x5e5b09cb561a004f0000000000000000","13":"0xcdd198c6cac28eb30000000000000000","14":"0x3e4d0f3d7697134a0000000000000000","15":"0x83f5bc987a9d82b80000000000000000"},"debug_key":"12317855613381323299","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"3215142153077501525"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F78D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Origin
http://controlc.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F78D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
43188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F78D 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
43725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F78D 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 09:09:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
68569
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15468
X-XSS-Protection
0
Last-Modified
Fri, 25 Aug 2023 23:48:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 15 Nov 2024 09:09:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F78D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1qDCu72XZUzVLx4pJpSGymnI-HQTG-DYhEVcHtSA02jMeokTXT6k3Z01fRWOSiibLrdRZd5axPI94wIyymnpSLBjU2CA9oTlUnnAyK-KfAHE3qXZ39nTRTimdB7gGJunMmmN3iirHXKNp0XT09IIitwsTbZ6oOrW7UdstbvfGS0sz_uovn7PiaW6crFvGhkV2uF2bOQ4ZHReOUf8iPL13KG2pGLa62o66PFZoQVxcyy0hFVfKLrSIGgn9PiEbiRw9RmB041MCSpBnHwfkTVrmfralqWiMpOcxs3qjkVKvN7ammy9QNJmCHRnbTuPmkcKvOMOHu9NLhZSARv4_WYxzZzv_NkstH0_Z1xMi8htmuq5Degqi&sai=AMfl-YQqrkYWe2eN4Y6mDIt6G8XPulU2lr0frhwqdF0DeazChogG-H1oFV1--e-Gb6Ysq-Ve3lmuTYmtkCgDpYVg1nq2og_f1xQaS3i_TSVvNt8bYf9xmAtq1idJYRJBVg&sig=Cg0ArKJSzO9Jkyv1qi0wEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 04:12:32 GMT
truncated
/ Frame F78D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5443c1680fb28b421ca2dea045234717853efacf3d12a1a7cb47cfea10588a0b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
29okurnprew3
hal9000.redintelligence.net/zone/ Frame 0D6C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29okurnprew3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
ace1d229db9104ad73abb2f1e841dd2aeee2c3f03b1ca732cbcf2ffc651b3818

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:32 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4177
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
362358.gif
idsync.rlcdn.com/ Frame A666
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVboL2W604ow4w.0eyPOEgAA%265192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVboL2W604ow4w.0eyPOEgAA%265192&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6172120c6aba4df19357838d57b80eb5
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3659974528374296936
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=6172120c-6aba-4df1-9357-838d57b80eb5
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%3A1700194354.4357219&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1427ad7e-2971-4e8c-b8b7-d84c9f6...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455422232211553&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1427ad7e-2971-4e8c-b8...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87%3A1700194354.4357219&_=1700194354.4382672
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcxNDI3YWQ3ZS0yOTcxLTRlOGMtYjhiNy1kODRjOWY2YzRjODc6MTcwMDE5NDM1NC40MzU3MjE5EAAaDQiz0NuqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDqE76Ixi3bwwX4E7z4wrrc&google_cver=1
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDqE76Ixi3bwwX4E7z4wrrc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDqE76Ixi3bwwX4E7z4wrrc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A666
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVboL2W604ow4w-0eyPOEgAAFEgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDynfTpH7Db6cL02RUrZzD8&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDynfTpH7Db6cL02RUrZzD8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEXzy3mNVXAIr5sRbrGYcGBIY5YDOwt9rp2P9IS%2Fr%2Fyoi3d7%2BFab9wMFjfXkuHnRTGIckiwoNMm2bSMC0%2FdDQsh5kvGAzA9uBUmhxdtXyeT2YaGjEtpdzk3OdPK5uumkJnpecQIvfhfymg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522cc89ec01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDynfTpH7Db6cL02RUrZzD8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A666 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A666
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVboL2W604ow4w.0eyPOEgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9gVgUO7QEzG4P6ZUQMQJvz28c%2BzvtUJmUx3sIlNdUxvbPmKk2fyfLVj1HM5mJ3a3TyfoZMHXLoxC40X4GDMTOn%2FeDadnIa7GmIPWmX2BlclzG01Qfnj0h7O2uwNq6Y%2FKqOFUrBjSOqmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522cddb3b01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWfqEllLDIsnD-d2BncmFY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZVboL2W604ow4w-0eyPOEgAAFEgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A666 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVboL2W604ow4w-0eyPOEgAAFEgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame A666
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715919152&external_user_id=10c2b80d-f892-4c5c-baaa-020121cb8029
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715919152&external_user_id=10c2b80d-f892-4c5c-baaa-020121cb8029
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI6TIFnbJPL1c1dJl6qHPMEtDes%2BrfhzlwY0MHubDOHmu9nxE85S%2FqaK8g7K%2FwjIGQ6f7uDxO%2BXBVKcx1Rw5xCaT9XppA8jSZ7D3Iv%2F3Nt6EWF1Qy1XxCgYcKLTw2IzmxsGAAdtMu8jO1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522ceac1801db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715919152&external_user_id=10c2b80d-f892-4c5c-baaa-020121cb8029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame A666
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=31e1c7f33a11848&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIYBaz_8rGkAMuxs1sAAAAAAA&expiration=1700280752&is_secure=true
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIYBaz_8rGkAMuxs1sAAAAAAA&expiration=1700280752&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVOSHWdtGlrgviP9R%2BODRAgNHPwdgMhSqBVyESOpeut1lKIyFwRvCQLZIG5KwxeU1wlQrx7bWd7x8lHwWJhCCQaCUsYbTW39IzHxoe%2BHW1KvcVcjlKaZQ%2Fr%2F6qIZzoVD8BAsTO0e"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827522cdda6e01f4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIYBaz_8rGkAMuxs1sAAAAAAA&expiration=1700280752&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
bridge
cm.adgrx.com/ Frame A666 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-4
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
s2s.t13.io/ Frame A666 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?gpp=&gpp_sid=&gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ZVboL2W604ow4w.0eyPOEgAA%265192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:31 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 634C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
599291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 05:44:20 GMT
expires
Sat, 09 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 634C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
65712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 89B5 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oxFbQg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame BF58 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70498
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Nov 2023 04:12:32 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 08 Nov 2023 05:49:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
907, 436519
X-Served-By
cache-lga13626-LGA, cache-ams21026-AMS
X-Timer
S1700194352.441073,VS0,VE0
sync
eb2.3lift.com/ Frame 4B0A 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 17 Nov 2023 04:12:32 GMT
pd
freestar-d.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://freestar-d.openx.net/w/1.0/pd
  • https://freestar-d.openx.net/w/1.0/pd?cc=1
900 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c02c9b8dd3efe3ce56658443eda15913d37210a18ae85c71ccf41ed91759eb74

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
513
content-type
text/html
date
Fri, 17 Nov 2023 04:12:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:32 GMT
location
https://freestar-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35DD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=104864
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 04:12:32 GMT
expires
Sat, 18 Nov 2023 09:20:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DAE8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 04:12:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 2EB5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dae99c129d73015c343b43cb45ba9daa7daec567dadc5335176827e1817aa4a5

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 17 Nov 2023 04:12:32 GMT
pragma
no-cache
vary
accept-encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=IKf2NXOq8Wc78adlL6TuNCCloTc7oaUyJqSbKDd8
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=IKf2NXOq8Wc78adlL6TuNCCloTc7oaUyJqSbKDd8
Protocol
H2
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=0&user_id=IKf2NXOq8Wc78adlL6TuNCCloTc7oaUyJqSbKDd8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 2EB5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZNeTc3N2RkNDdMM3J1MXFqbFg=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 2EB5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP23TFKZ-1F-2JRM
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LP23TFKZ-1F-2JRM
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LP23TFKZ-1F-2JRM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
sync
ads.yieldmo.com/v000/ Frame 2EB5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=6445747934427449614&pn_id=an
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=6445747934427449614&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
an-x-request-uuid
e81e2410-6ec0-4862-9a64-a2fff6f5147a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=6445747934427449614&pn_id=an
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 2EB5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=wRap5GlMEgyp&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=wRap5GlMEgyp&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.74.177.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-177-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ads.yieldmo.com/v000/sync?userid=wRap5GlMEgyp&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-8s4wd
expires
-1
apn
ads.playground.xyz/usersync/ Frame 2EB5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
bc8b0b36-de6c-40a1-b078-271db0d94020

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Fri, 17 Nov 2023 04:12:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
request.php
hal90008.redintelligence.net/ Frame 0D6C
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
79fa7edbb895098ba7b57f42dd619676db8ae71bf31e9f7825618e756cc8b993

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
89475100008044604438466012511008
Connection
close
Content-Length
861
Expires
Fri, 17 Nov 2023 04:12:32 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:32 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 17 Nov 2023 04:12:32 +0100
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B818 		38 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
68569
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
14538
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 16 Nov 2023 09:09:43 GMT
Expires
Fri, 15 Nov 2024 09:09:43 GMT
Last-Modified
Fri, 25 Aug 2023 23:48:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
v1
match.sharethrough.com/FGMrCMMc/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.142.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 634C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKFFVL-hWZdvkDOOQ7_UP6qKy2AQAAAAAOAHgBAI&bg=!EBOlE1zNAAZxrfrxUa07ADQBe5WfOETtCJGaNzAryaQ8VAejgNxjtkWAaLWKKJTvMsOhJOEOu2V2wPbh5WiPU8sFZC2dAgAAAQpSAAAABGgBBwoAkRPYDa47DuZKl6euW1EwJfMyKa-gqrxCBsJB651JcTNysR4ous-YqNaxJ1uZvltmhvWZ9RFHAjN1yNtz5ysCM6oJBRaNasH68Y1puzJECgtH-2Z8Nqsr-5I82BS-NcameqmPDd204BECEBkXYJHvLo0oSnWJPprK-IudfUSFzC9ONKK04socTV_4iQ6ErkV2BG-ZAv3MjYyFi9Y24lL148bsf6UcRP0ftSTS5l6AsdfvHT3ZzAvms2gQN-Ry0VPgNz-d16O-JU_TmhWNlrHImKu-wRTuy_dUo93aX2Rk2P-O91juZgdtuD96oci6YFItqfq_R6JNl-EM_93ircO9mVZb-bkC5104XM1y-b5D4K3uAdu6Av7WuROXkjLrqYlVhvbuFtY3FudHJ0ABQHyoYB6ttagXpaoEYuSs1WbdDyssnjY5vbW1KNMQEepfiWNMwGT28vMLHiZga7USbWEphikSlLJqcoBmnpDvKlaYMXgHQAL9VIg5KPJxsZvubg4SN_X4IHS7nRY0cxiAiPJKk10XiuZs-bQFFcNcKcF0N4pe1u_Au7dItLVlq0EMym8BLmvV36DWIJXWm0e6Ipj3qL0zsDla0bg19Te7_ShaZIcYtcN8zlWH9T580aL4cGH4ZUEAtO3PsdkLyQEJdss7zk6_urthlw8IRTBzOKZdpcuUmD-XGPlCwU2741VyB79CwpckvILIDJGlJkeTGAHk92H3hCi171yyO-E0XfLfBAPb5FjINS0TQd59R-ZMHVk9b9fbPORBz9BclqL4bi6nWvaI5yw6Qlm33UsUOh30sfkHs4AQO05yXvQ5zabGBsY8yyGTKP47ReTyqFuwOd8OdgsKhnJQWTqvVRHhXMMsZF8PKecRyC4bwRG_0xp_ib9TyCUbJTaUlMsJiJMC9oSwKDFfctlU1BUrhSenHmDXyL9R_FyCtBLP4MH7PRPVq_TK14Wf3CpwkXYkCZyJgNM5PvSVBdV4Ohkjz2AG4wjREzbL2KOvnvh1wfbF5WqqlX2SCvtUYFZTl5BLsh2Gt23PRu_kRArL7JCv5pv8e5rUZttF_Jerho0j5p_UC6mna82KA9TdYoW-68FDe-PaWY1iQzUSZ7xhA8L_BFc3y6OCuCZG-H3DT_sqSLoT5mVaXf1MW3qWI7dLuAxyvDoV7hX6YzeHGhj--jYip4lXhF_vgsOITBahnAGeAjmca14O9mj2KxM
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BF58 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
an-x-request-uuid
beaa7959-8f3f-4ba3-92a6-a4e55013af81
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B818 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
HTTP/1.1
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 09:59:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
238382
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
17074
X-XSS-Protection
0
Last-Modified
Mon, 06 Nov 2023 16:38:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Wed, 13 Nov 2024 09:59:31 GMT
usync.js
eus.rubiconproject.com/ Frame DAE8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31442
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:34 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F78D 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
Content-Length
65395
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="active-view-scs-read-write-acl"
ETag
"1700052045412510"
Vary
Accept-Encoding
Report-To
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 17 Nov 2023 04:12:33 GMT
index.html
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/ Frame AC2E 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
6f4df8ec8a990788eef5a8df400db264190ff0038e3f3370879248166cb97594
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
121774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3510
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 18:22:59 GMT
expires
Thu, 14 Nov 2024 18:22:59 GMT
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F78D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsup4Lqbyymf5fmKd_NG--MC28w2k2BDmcBz2YKEv_YClsxiQKSPOK5YAG4g-mkTOrjT5tu2PlWPMiCk1svBrl6dfY2uPQnOWiuaCfIPThEhimdCLLmYS3ZLG9LJCTMJzs4mTemsgI2jD8JV7jwKxeZqfinfIE7YJKnr9xsav8RB4RNtpvrXMv34_hnXYlCQXzZFX4M_SPPyFkl27A&sai=AMfl-YTP22N0TwxF-ok0GYHDEORR8I74CclyynEcnHlHMGixJTobT-CXD62dtXGUFer_QY9YIVjUSiMOh08bQObbrGVIwfnOcqbGAl7mPBVpCDyDK_5Pyn-zuJKA05AtvoH6x_CPgMYCfGRZiIwNPYm0Vyao4xLIZ55W&sig=Cg0ArKJSzB9Y-eLSxU51EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=887&cbvp=1&cstd=875&cisv=r20231109.54354&arae=0&ftch=1&adurl=
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dds
rtb.openx.net/sync/ Frame 9366
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2UWo9sBOjdOqTlqn3I6BJA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
92d4448e-f964-a6b4-7ded-00e5f0c076d7
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9366 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/92d4448e-f964-a6b4-7ded-00e5f0c076d7?gdpr=0
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.114.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-114-225.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=618a9eb3-5ba8-4691-8c50-55dd42f94a36
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=618a9eb3-5ba8-4691-8c50-55dd42f94a36
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d61d914-2525-40b6-aba1-9efa7482174e&user_group=1&ssp=openx&bsw_param=618a9eb3-5ba8-4691-8c50-55dd42f94a36
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=618a9eb3-5ba8-4691-8c50-55dd42f94a36&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 04:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=openx&gdpr=0
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=openx&gdpr=0
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA&pi=openx&gdpr=0
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT, Fri, 17 Nov 2023 04:12:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rOvogv_m79C3vbnSo-jwg6zpv4C37buFqujfG9sL
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rOvogv_m79C3vbnSo-jwg6zpv4C37buFqujfG9sL
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rOvogv_m79C3vbnSo-jwg6zpv4C37buFqujfG9sL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5391045297437159480
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5391045297437159480
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5391045297437159480
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9366 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5ec55eb7-7562-8f07-8c34-948767a4707e
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
125QKK11A0XFFX7NKSZS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 9366 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=061322ca-69c8-34fd-4c3a-16100f97bb9e&gdpr=0
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9366 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmE3Y2YxMDAtYTBiZi02YTU5LTU5ZGEtNGNhOWM1NzU3NWZl
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9366
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkt6ZdgPluWPFIAEujYTYs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkt6ZdgPluWPFIAEujYTYs&google_cver=1
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkt6ZdgPluWPFIAEujYTYs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1019442553089783&bg=!UlGlUR7NAAZxrfrxUa07ADQBe5WfOD_z_JF0NNPJekq_J2Y6wi81gchxM0GQYs1Ncisqq_ikiOwi_RaCJUwQOM9_hb2jAgAABadSAAAABmgBBwoAuzOzNEgdramxpGtMyoFDEqjAGHDd-8Lg2KKzj4NNdwcPlOjkESOiFuE1VlSdMz8e5A_yAXIiH-6ap1NE8vlh4i-98i0p2GaWPomT_rVesQXw4rYByCazPMzIxpFBvIu_kjOssOcYt5fN30faPqBnHNToyureBPRvRsFfy65y0FlT-zMd0lYwDgpf5twp7n7Y4IrBi2yxszo7lQS-t2RgVibctuOWEAUPsTCvYcxKdvRJpwbnuRYvan_C2ImZArWfd1qz-hivu962oO8dmlQwnjrbN0wkC8o8XDUOey0RZZ70A_d8yFqepD0HA9ZeGjRB7Ccx0u6-lmiPWPftZiABaWy_jhRRnw3-wiy3QcsLSe0TrVu5FIvJZQg9uXwiiDSKfaY81pun4-VlsNJBSFvxIEnK3J47OS8UORY1nyAY37UWdpjo2od93NaRt8uY9uc3-4pkBjCEhvM4R4L30XNCiRFKHqh-oVojfkixpbEolTURSGP5ndpE-4cUNSZE0STv0kPYYw_ELQlWdevOzt49HTjrskmkvNAMouam9qO5nSAN2Wwx2RHoY8nTQBZGLM5Fg3kvdZLOEOh1BC2jc3jqT82i5Og8uvnI5vJDYBKAc5FEhdgYPwNr1ZGxhjwwemD3c9bp8jnowoPFO5l3aTaU_drNEnLJIBC5EX6Z3ywLY8BDTUYdi7OUS9cgqdEEiqUOuPxNCz8VPeutPSA5vpRTvzbFx23KKIzy71WCyJZbCcUkxVMBGMf-mMwEc003wWQRjY-6J3tkXep_QtRtH_5AYaznEpgHzz-rgZbi7tY86ku9tByQmc3GpzYWgGCEtey4mBqrBZgxCDZeOh4gHV4Rtt-lF2NwdURQj5R0oIplSRMoH8Ys3yc8AZtov35FjvkCg9gIWjI3KvElKOZJJMmEZY7DeyUMK3aRp-lwGdlJYPUaoXjQEJzPeK2UpQ7ctLoKCySzvDQYTelXVpHrjEvUDPn4sxGfkhq6mFUyvYLaPIFbce_FVH9TaJD-p87el6loa8ZHHWeGkj9H14Lr6QsWo2OQmXwt-MP-ICNK8SgyO9z4hp5RlgwO-TW4BquMwtcsA63ZJap9EV78P1nXplv0kQ1L8nYPPuuR5Qh-4qXFkUdBGWnyPD4EQ1rzKv6_B401SJTme2iWuJZVRNTpNm7KL7HHqpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
s2s.t13.io/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir=
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=MyXRU2Ao1gEoc4ADPCbJUjMnhlEoI4JUNSbKGTAl
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=MyXRU2Ao1gEoc4ADPCbJUjMnhlEoI4JUNSbKGTAl
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=MyXRU2Ao1gEoc4ADPCbJUjMnhlEoI4JUNSbKGTAl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame DAE8 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3A29 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame F78D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9t8qWUSdpFqs8PVpQOrFDlOGD-_f5HYLIzkv95c5MrP5LGOLUecOpRV3V-xgdn3WB-wIbs6M0DuQ-aiTQleUNKcHIwEs2igNUmtBkKJ7Kdj0fERmukSaUhExb2eR03Pi7FmmLUeStLg&sig=Cg0ArKJSzD9N0WpIX5_6EAE&id=lidar2&mcvt=1000&p=103,650,353,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2225142635&rs=4&la=0&cr=0&vs=4&r=v&rst=1700194350167&rpt=1640&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ Frame DC6B 		696 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
518331774eeaf7a95b4c794671e03013cf103069819cb57c2bfac81cef72bd55

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
440
content-type
text/html
date
Fri, 17 Nov 2023 04:12:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
frstrOSd_8.js
cdn.springserve.com/assets/0/playerJS/ 		315 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.springserve.com/assets/0/playerJS/frstrOSd_8.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-108.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cebb34b91ef05c9f91a017e4e5aecba2e2f9dab6518af0f2e0c565f25e01a8bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 07:18:26 GMT
content-encoding
gzip
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
last-modified
Tue, 01 Aug 2023 19:02:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
593647
x-amz-server-side-encryption
AES256
etag
W/"36c24396bd82f5e2e65d1d6548a8f1ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JU2lBQ-zYn2SDESbKP78_PrauJX4SMzsjK1yZTow3_gwao5s63klyw==
ztpv.php
www.conrad.ch/ Frame 3856
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=89475100008044604438466012511008&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700194353_886b62d0-84ff-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
0
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700194353_886b62d0-84ff-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
cf-ccp-worker
HTLPHandler-v1
cf-ray
827522daca2724be-ZRH
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 04:12:34 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 04:12:33 GMT
Location
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700194353_886b62d0-84ff-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
cshow.php
www.awin1.com/ Frame AB01 		43 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=89475100008044604438466012511008&pv=1
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 04:12:33 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal90008.redintelligence.net/ Frame 978A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=e6d88a1cf6&subid=&uid=0dd61bed6e89ca23&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZRmCLehWZduyNeiT1PIPwKCb0ASRwdCbaZvog5LcD_AuEAEg2tfFOWD1hYCA4ATIAQmpAleMhPXaNbI-qAMByAObBKoEjwJP0OexRdn9KMCMKtMwalH_gByi0hp-GfRU8vrgToDMqaI5YU-lm4_fgoddPgCIECP8R2TKXKbFmK-Kjj2vULOKL0qhtyRMsNgAjgvvzH_SJAJIsz1rdIlFtUfkJ-QhToGInsnsw2dO0PtxN1AHP_mV62qwxEMYxikyu5-IVqGM8-Weh3_XK3_tmzOxGLCdoTIIPOBQD15F67Rrw1sZg9E0stGXrt3oKFSk3qbROs07gWu0eJHeogPkk5oW4JebYllDEepulFmn0X2OBf2DBgyJW1kny7zw7l9FfN1fX0JMu8wdAgA0EUAAUgVH42mtOQuyCI7LiMBHIlj6mwKT502ki13cwlKbxvAjjDXfoIDVwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCLuh8MGVyoIDFegJVQgdQNAGSrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE%26sig%3DAOD64_31VPK9s6Vdbln99eoOvxZ-xVCRbA%26client%3Dca-pub-3605257360853185%26dbm_c%3DAKAmf-AhWRonK-yUb9V6euquy8qJUn6_hFaJtPpwLCDbid_nNqhQsKPyv3KaX9DmTJ5qCKREiRmSre50fulMzG06iZExKvqmZqcJhC3Tj7rYGEvAR3eMYpMoYFIqvvVQy5N_Um_1FuYfHJFO0Zb4gF4rmWCaR7QTiEeCUftGCc5_CVbpFQXeoeo%26cry%3D1%26dbm_d%3DAKAmf-DLNmQBL0UU7jJQhTU8MXJwI2POa_PxLdpU9x85_oGI_WxvHpfUqayOcVZZxxUlK1eMBrGIu7qbgWPJ81tIOjtmvFNbW-NCapZnDC7BtMHdkjbKBydphyDjkaTmE6s-FCGDzuy3EhZjWvcaEdYaZcYe31fq-KH-9PdOxwGiJPLPvtIUZb7tfjJwedD8vw51dOqnUcGO8wlZW46m6Qb4dTtQJpL_8oq3kBBqrFS30WiyDPLTjKlwgUyuepcxHWdySht600Lh-tCZFOOAoPOpLiWFuagPMroRjwSKLrt1SB2HCO8sYSD4o5puvqox33adj_OU3yznB0MGhMPeQkCVvY65WOkAC8kGW96wCb6GZFV4DcW_NFwcVAn_3i-iG3wfmeoH0JR38Dvk8_e2V2lXFW7QCj1Zy0QB1rmZ8sGAIiXoqDVvlX3AUiuAO5NfAm9YWjkUpieO1m5GX12rGOwerFycX1qHWGyREy-1BZL_mOdeAiXGTjf85hzMdjillJID2lEChm8u0-clmWVTW4W6m_a4IPKGNeA3W2lnQeu1Q2ijXpPBwXk%26adurl%3D&documentReferer=http%3A%2F%2Fcontrolc.com%2F&ancestorOrigins=http%3A%2F%2Fcontrolc.com&random=9160935830927&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3ca51323724381eb62f12066c6c618f77c9b4e6fe37d05d68e4af0abc44d4e6d

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2164
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 04:12:33 GMT
Expires
Fri, 17 Nov 2023 04:12:33 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
impression.php
t23.intelliad.de/ Frame 0D6C 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1700194353&co=
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.49.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-49-61.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5862 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
23740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 17 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0D6C 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df646682fc270d2264b0c9f86205790b73bb8ff2a940e9dee9513f93970a85b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
setuid
s2s.t13.io/ Frame DC6B 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=3fcdad05-d057-0714-27b6-d6058ecc7913
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame DC6B
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455422232211553
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455422232211553
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455422232211553
Date
Fri, 17 Nov 2023 04:12:33 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame DC6B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVboLwAAOeqJBQBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVboLwAAOeqJBQBU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-ams21026-AMS
pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700194353.412294,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVboLwAAOeqJBQBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame DC6B 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame DC6B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AABtSE7KrdAAABU8cM6m8w&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AABtSE7KrdAAABU8cM6m8w&id=537125688
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AABtSE7KrdAAABU8cM6m8w&id=537125688
Date
Fri, 17 Nov 2023 04:12:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame DC6B
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=48e13e6bd8d18c1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIY6Qykz-BkQMKq3HSAAAAAAA&expiration=1700280753&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIY6Qykz-BkQMKq3HSAAAAAAA&expiration=1700280753&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIY6Qykz-BkQMKq3HSAAAAAAA&expiration=1700280753&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame DC6B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=hqOB4ZSOXJJ7g5sYTYSGaU3vKkc
Date
Fri, 17 Nov 2023 04:12:33 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
google
match.adsrvr.org/track/cmf/ Frame 5862 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHv537AowRoK_DOHpPLrDu0&google_cver=1&google_push=AXcoOmQEV4OJknZoYYHqfcF1BKXLmVJMkvYfdUvcnneMKYkE0Ehxb8En-jCJzhLP4Jwvy_buPcUL5BYQjbfFPZUS2nCT88c4vQH9
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 5862
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIoZVjZB4uz0PwbECvukjik&google_cver=1&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DsshPnssR2UiYS3UO8I28w&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_boObR4gBdaw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DsshPnssR2UiYS3UO8I28w&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_boObR4gBdaw
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DsshPnssR2UiYS3UO8I28w&google_push=AXcoOmTwnBgYWRxzUkCDnxr_FbGCZXV90StmCRQD6yXYGTQ1B94BFFc7G1XsqHZxnjwf5mKSb2P7vq2QrfsnAQZ_boObR4gBdaw
x-host
tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5862
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEAyLUmxLpMTStciMzFALi0o&google_cver=1&google_push=AXcoOmRAYoDibsVW8Jomz9nXw70ZUo2PrXzZCSB5j0erWqrwGG6LvBhVua6F25FsIk7umWCUxmRXWsidkJepLHrtHngLo_IaiYV-
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853313337714&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853313337714&us_privacy=1---
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853313337714&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5862
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAuhk3YmrDyrTL35Oo8dmhI&google_cver=1&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlrKB-LB4t0JAJusP0p_8Qku3P-3m5dLLzri1dSIReXErbK
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlrKB-LB4t0JAJusP0p_8Qku3P-3m5dLLzri1dSIReXErbK
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjc2NDE3ODM4MDQyMzc4NzczOQ%3D%3D&google_push=AXcoOmQHwqqx-fHQt625kg3wFuwNxBZX0QV1UZqbBV4mCZwAd8unvMlrKB-LB4t0JAJusP0p_8Qku3P-3m5dLLzri1dSIReXErbK
date
Fri, 17 Nov 2023 04:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 5862
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPdV6qgMOcTIwm62bpKvq5Q&google_cver=1&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9X4HIUPAvMcdxcHweh9aEmT&google_hm=NjE2ODU2OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9X4HIUPAvMcdxcHweh9aEmT&google_hm=NjE2ODU2OTU5MDI0OTgxNTEyMw%3D%3D
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQJ_5ikxxwKpY4eh0Y9z-OIAskEtNXAptybAQitb5V7PT7k6Lf9hqzLmusE03HXISqq5MyhM9X4HIUPAvMcdxcHweh9aEmT&google_hm=NjE2ODU2OTU5MDI0OTgxNTEyMw%3D%3D
date
Fri, 17 Nov 2023 04:12:33 GMT
content-length
0
google
sync-dmp.aura-dsp.com/match/ Frame 5862 		0
0
pixel
cm.g.doubleclick.net/ Frame 5862
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEL5H3hn08CRRB2GMcPibmeY&google_cver=1&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8q...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8qY94nw&google_hm=f34e96994d77...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8qY94nw&google_hm=f34e96994d774bcc181fz400lp23tjzg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRFZbUHZ0XqXyav6PSo4kKXNpK4a1ZFYBubn-QZ71qMWQE5MnccR0nuq3FlYjhDaX_G9EH2jLSVYXVs5UnMZxLhxad8qY94nw&google_hm=f34e96994d774bcc181fz400lp23tjzg
date
Fri, 17 Nov 2023 04:12:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 5862 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KU-wyQJhQHPmsRt5Jcz_Ukcg7RBsB_VM02KisocsjlanTkNg3wfvqzHjHBjIA5LD9qlKvCFBE
Requested by
Host: df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
URL: https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 3A29 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91880142&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
57f5ba460b88b1e887d9c46f39f8b4068d864fd458bc86a621be0c022abe3460

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 04:12:30 GMT
content-length
1583
content-type
text/html; charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://c.amazon-adsystem.com/aax2/apstag.js
267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:40:29 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1926
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
td4mRx5F4rLgD-l0BslBnDdpTmSLnp8fphTjxuCJ5GE6DP5o8z3n9Q==

Redirect headers

Date
Fri, 17 Nov 2023 04:12:33 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://c.amazon-adsystem.com/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
KsFGaFyQnA-yt6rHrngPCrrEszNp4L2Ft46myLWucVTW0FgwHOO8ww==
async_usersync
ib.adnxs.com/ Frame BF58 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
an-x-request-uuid
628253c9-6334-4e11-94df-9b42a76f3fa4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DAE8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rJ7sZt4nQjiL5oCDfOosGg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rJ7sZt4nQjiL5oCDfOosGg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rJ7sZt4nQjiL5oCDfOosGg
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2E07ST2AA1PYKZNQH2Y4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rJ7sZt4nQjiL5oCDfOosGg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DAE8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELL46YOPYSEJF1U2PFAEF-0&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELL46YOPYSEJF1U2PFAEF-0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELL46YOPYSEJF1U2PFAEF-0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP23TFKZ-1F-2JRM
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP23TFKZ-1F-2JRM
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 20E35BED925B4660820B052061CFE4E7 Ref B: ZRHEDGE1815 Ref C: 2023-11-17T04:12:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKUViEZfW6Rq5rcnIUPg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP23TFKZ-1F-2JRM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMyYTgwNTE5YTY3OGFlMWUzY2Q3MWI3OWI4YjhlMGJlOTRmZTk0Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMyYTgwNTE5YTY3OGFlMWUzY2Q3MWI3OWI4YjhlMGJlOTRmZTk0Yg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMyYTgwNTE5YTY3OGFlMWUzY2Q3MWI3OWI4YjhlMGJlOTRmZTk0Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame DAE8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TAGB256HC8WWE1BACYWE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAyM1RGS1otMUYtMkpSTQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKqIuJIUTIj-VE1QDDORQP8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAyM1RGS1otMUYtMkpSTQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAyM1RGS1otMUYtMkpSTQ==&google_push=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAyM1RGS1otMUYtMkpSTQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame DAE8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame DAE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP23TFKZ-1F-2JRM&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP23TFKZ-1F-2JRM&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EFJ9RTDS4FS3Y6YQ5R8W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP23TFKZ-1F-2JRM&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9rV_NxpzbcmTruqLcutZgcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Xr0.ahhE2oJ6u2mvWwYrQVrNmbooW7Rw9NjtDQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Xr0.ahhE2oJ6u2mvWwYrQVrNmbooW7Rw9NjtDQ--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 17 Nov 2023 04:12:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Xr0.ahhE2oJ6u2mvWwYrQVrNmbooW7Rw9NjtDQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame DAE8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABtSE7KrdAAABU8cM6m8w&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABtSE7KrdAAABU8cM6m8w&expires=30
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABtSE7KrdAAABU8cM6m8w&expires=30
Date
Fri, 17 Nov 2023 04:12:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP23TFKZ-1F-2JRM&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP23TFKZ-1F-2JRM&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1tQkRLUGtORTJ1RS43dnJ5emtNVlpGWGVfck12bDZ4X35B&ovsid=LP23TFKZ-1F-2JRM&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1tQkRLUGtORTJ1RS43dnJ5emtNVlpGWGVfck12bDZ4X35B&ovsid=LP23TFKZ-1F-2JRM&dpid=58160
Protocol
H2
Server
23.48.23.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 04:12:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 04:12:34 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1tQkRLUGtORTJ1RS43dnJ5emtNVlpGWGVfck12bDZ4X35B&ovsid=LP23TFKZ-1F-2JRM&dpid=58160
date
Fri, 17 Nov 2023 04:12:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame DAE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP23TFKZ-1F-2JRM
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP23TFKZ-1F-2JRM
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
an-x-request-uuid
6a7635b2-7324-4c5d-bd22-4b1faf7a4c07
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
62.202.181.36; 62.202.181.36; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP23TFKZ-1F-2JRM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame DAE8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 17 Nov 2023 04:12:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP23TFKZ-1F-2JRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame DAE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP23TFKZ-1F-2JRM
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP23TFKZ-1F-2JRM
Protocol
H2
Server
3.65.142.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP23TFKZ-1F-2JRM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
capi.connatix.com/us/ Frame DAE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827522e02eaa3b5e-GVA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 17 Nov 2023 04:12:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP23TFKZ-1F-2JRM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827522deee843b5e-GVA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame DAE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM
0
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:34 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP23TFKZ-1F-2JRM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
match
c1.adform.net/serving/cookie/ Frame 85E5 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 17 Nov 2023 04:12:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 49CD 		0
0
i.match
s.tribalfusion.com/z/ Frame B773
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827522dc8ef33b58-GVA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827522dacedb3b58-GVA
content-type
text/html
date
Fri, 17 Nov 2023 04:12:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1440
Pug
image2.pubmatic.com/AdServer/ Frame 2CB6
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3cb0bf8ec8f3d1d92b360e9d009ed1fa&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMaXjSQggnXWahnU&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMaXjSQggnXWahnU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMaXjSQggnXWahnU&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 3365 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 04:12:34 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
sync
sync-pm.ads.yieldmo.com/ Frame 441C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C678A7A34944497693A6916DA9EC23EB&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0D6E816A-664C-47F1-814A-17779A42A949%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
43 B
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Fri, 17 Nov 2023 04:12:35 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 04:12:34 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame A960
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1700194354368
  • https://ad.turn.com/r/cs?pid=45&rndcb=6597316601
  • https://sync.1rx.io/usersync/turn/3659974528374296936?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9e1da839-44d2-4792-838f-455eac3facfc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9e1da839-44d2-4792-838f-455eac3facfc-003
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9e1da839-44d2-4792-838f-455eac3facfc-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 04:12:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Fri, 17 Nov 2023 04:12:35 GMT
etag
RX9e1da83944d24792838f455eac3facfc003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9e1da839-44d2-4792-838f-455eac3facfc-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
merge
ce.lijit.com/ Frame FCCE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=0D6E816A-664C-47F1-814A-17779A42A949
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 17 Nov 2023 04:12:33 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-MERGE
GDPR Optout true
X-Sovrn-Pod
ad_ap6ams1
mw
mwzeom.zeotap.com/ Frame 3A29 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0D6E816A-664C-47F1-814A-17779A42A949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
827522daafed2c7b-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 3A29
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:38 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:38 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0D6E816A-664C-47F1-814A-17779A42A949&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame 3A29
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0D6E816A-664C-47F1-814A-17779A42A949&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bf02c8daae240be6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3cb0bf8ec8f3d1d92b360e9d009ed1fa&gdpr=0
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5391045297437159480&gdpr=0
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=d8216fb57777d2e5
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=d8216fb57777d2e5
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 17 Nov 2023 04:12:35 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=d8216fb57777d2e5
content-length
0
Enabler.js
s0.2mdn.net/ads/studio/ Frame AC2E 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:21:03 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame AC2E 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1310378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21845
last-modified
Wed, 26 Aug 2020 23:14:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f46ecc0-eeae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJX0rb4EKM1Khe9M84tguAvcoxnBs5atKiOtITecoxIcMnryiJsMvV6Bp7ufDzFRZOUKLg%2BFy4v6mjdsDmT77BQGGwdkwMdBXhFiaTpTcHjA2aSH%2BX0rf9auSQ%2ByiWWvUdWO116A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827522daba3124c2-ZRH
expires
Wed, 06 Nov 2024 04:12:34 GMT
bg.jpg
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
8698450d06cb4f13a63a974f8fe42f015af817bc9ce02450f23ef440d9b12409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:31:27 GMT
x-content-type-options
nosniff
age
193266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94079
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 22:31:27 GMT
hl2.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/hl2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
dcde77413c285177c95ca3d9b4311692afda3d6019a13762f23251ef5be2e39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 17:54:21 GMT
x-content-type-options
nosniff
age
555492
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3949
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 17:54:21 GMT
hl3.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/hl3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
583d24c0fa1d77f34623be9be284a5303f7b904dcf23e3bb3e11ebfc744180cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:02:21 GMT
x-content-type-options
nosniff
age
33012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2766
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 19:02:21 GMT
sl4_bike_hinten_elems.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/sl4_bike_hinten_elems.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
736b03ffd408ef5ef167ea138b1cc8573d1c1f129bf8a38713f562f9f794df92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:31:27 GMT
x-content-type-options
nosniff
age
193267
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7579
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 22:31:27 GMT
sl4_bike_rad.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/sl4_bike_rad.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
51fe70edbe104885444e15487ca7cbec6059ef1ae9a660aee7c7d126eefc6a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:08:05 GMT
x-content-type-options
nosniff
age
39869
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22419
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 17:08:05 GMT
sl4_bike_rahmen.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/sl4_bike_rahmen.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
853f4fa09ab06cf66a637110256dab9d50b6fca8a97f67ae2f7e8c88e7f4f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 05:09:24 GMT
x-content-type-options
nosniff
age
514990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27288
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 05:09:24 GMT
cta.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2a5bbb625f5a8a8f18218e9d5c791411d7a60205f29d540d914d5aa7fad1f1fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:12:44 GMT
x-content-type-options
nosniff
age
17990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1077
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 23:12:44 GMT
logo.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
c9a2fdb33b1128c29c6551a1aaa71c3bc1876f3bfcdc28390b8bdf3cfb3d26bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 05:07:07 GMT
x-content-type-options
nosniff
age
515127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1743
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 05:07:07 GMT
logo_sl4.png
s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/ Frame AC2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/pics/logo_sl4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
aeea444066d2814ec0ae535cfe601e3bcd65ed5cdc5fac45ad2e6da22bbdcee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17160266661673041920/Performance_300x250_S3_DE/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 18:06:01 GMT
x-content-type-options
nosniff
age
122793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3115
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 09:31:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 18:06:01 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:33 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
css
fonts.googleapis.com/ Frame 978A 		5 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 02:36:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 04:12:33 GMT
Conrad_Logo_120x60.png
ct.conrad.ch/content-chb2c/affiliate/banner/logo1/ Frame 978A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=89475100008044604438466012511008&pv=0
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
H2
Server
104.19.241.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
via
1.1 google
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
4039
cf-polished
origFmt=png, origSize=2194
content-disposition
inline; filename="Conrad_Logo_120x60.webp"
content-length
1012
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:01:05 GMT
server
cloudflare
etag
"892-5f4094ce178c6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
827522db9e8b021d-ZRH
expires
Fri, 17 Nov 2023 08:12:34 GMT

Redirect headers

Date
Fri, 17 Nov 2023 04:12:33 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
hal9000.redintelligence.net/scale/ Frame 978A 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/11287/creativesup/NativeAd_Fruehling_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
7cb0696f9e3a15009a10a022ad1876bf519fccae6f17598d14cec5ce01359f46

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
24887
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 978A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
6ef55973c1965bd715ee8518cd61227c7ed63e6434f7a86d61c1b54a177e6166

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10145
Vary
Accept-Encoding
Content-Type
image/png
/
ssc-cms.33across.com/ps/ Frame A250 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
server
33XP014
x-33x-status
2020008
viewability
hal90008.redintelligence.net/ Frame 978A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=89475100008044604438466012511008&a=4f57ee0b&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:34 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 978A 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:33 GMT
x-content-type-options
nosniff
age
346621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 03:55:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 978A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
276143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B818 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4STJL-hWZcvCCtDgx_APlfGNsAwAAAAAOAHgBAI&bg=!2dql2pXNAAZxrfrxUa07ADQBe5WfOMe1_SjlS4Lagv3hyCBMJLmNNEJRWdd0cGCcoNL0DbdBuVpMouIH7KaCP7HXRB6iAgAAAitSAAAAC2gBBwoAjT-bQrfwxpXswSCkEnE3IEI1y4s6Pijr0GYW8T46XaQiW_XYY5Fiix_ww6m6OHmSeIHH8DpMY3nd3AFdYMa1jSxWKVdpwtqB5J67oxOS5M2Jkca3RH8KBtt-Y8OxzFnWGKP-xuBMnl27LmQ_fu1Z-oSIurZQTEblhdaIPU4beUR00ojb1pM2kA5Lu9LWeZkCxZ0dIn_wOUlpRJCU0JcCcUH1QUWYv_idle_HMjpATQWLMZ_glGDSBVcS787abbtl1V7aQb3QIKk6YkoppSn9Fg4nb8F4dGK1DpDsY_DxYnbJiqmlXiibXH2Zxqb65nLUtHGnVVEP4unmr5pKTM59PHxUW23Rib9RuyhROtnXm8g8MK4KyVdNtqQVakU90qPHmXZgpogVdz9YkiEtiXxVZ8IN6R1Koff4MoqAFV_3fb7WjyDLBF0t-yFPdsCvrXeP5AbPJeEl3QY1qhSTxineQxARLh3K37VQVKwiUFT6YO9S348etLRgGWtpaIg03z36Jir6wjSSnbPOOn0-OzvQVBf1rGdUqW05UEH6zuxZy1111vg4Q8IOAf6dfr64refQcymBRFZ0ELL9zYNzNhChFtxRJEUyBO1f-oEncgEcBpkJAfVkuHPNEPaAhyVLugdJEmFISgEb3NWYZis-ix20PzBL7gTlgLwCCqExOj_ASczMaVAvljfkuvIgsWnhTxLh7V-Yd9MLsm49htnoiPDbefNr7546XzJNPaAoEgEUejuSj444WxmKocswV7gMtX71HwQZTu4DIMsGP1H9hxmGMg_4IIiLpbO2egL-IvenbaJ0zwdTardI4Z6JoLsoyZ5bZA7lz_54NIiavG8F2oI7q9cN2hIkudiSZgQnRT8EHEzUr4Du8CPok5ZZ85HYYIHbAkC7N9jGBdP6HryPXoRXyC_elduGRWbwmgUcIzzO6_MTmGru5y6AShxflQqp5MkTiyUzTMPK_4lH_Y_G0lCYttff5bgkOvtBAUWC5GmEbMdpXzkVVE17jJkMvRKuQ7GXuX9XInqh0ahuRJW7nYJfhIFY5_sWaj4-qKwFr20DA-UsvtTxrkfaZPyw0mm4ELdOdXaXSIqy2nCqCSAAmK_C43qk2jyqEIj5WQU-ju5xezY8vIVvoc0
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
HTTP/1.1
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:33 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D6C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLFnERUcrQb2uWXRd-RTwzzAqb9vAEfaadYNbjU20Bw9m4llnE1-doO5-VnX-nyvGYHXdMzMvJFi1QP3Py2SEuSFhKtCh5crlKxt_hlmL6yd-Brh3iia5pi96CbG3J&sai=AMfl-YRWyB2OKkKLFNiUkLK6Wjv7CFK7YG5BZMo552IbWts2CnLabe3R22aKzyu3ShZoElloB_gFgNeL2owFto3DwIz86NeiO5S8JCj44ThfKI_yc9uXdevp6ZL9HQY&sig=Cg0ArKJSzMQqM4NHHQx2EAE&cid=CAQSOwDICaaNxp8Gdaw_2ICrKTKkB4c3OYYmSY36R7y3-uG7XEgp2TjC8FmSSFSiszsyUwiKe02Zc5AexdZ8GAE&id=lidar2&mcvt=1002&p=1110,296,1200,1266&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=78061733&rs=4&la=0&cr=0&vs=4&r=v&rst=1700194350237&rpt=2948&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F78D 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNEhJAV-PpXFnuTTrw8ijA9quvKb8zpOsqkGdHD-ebwEpOPvoZKOhhFKeLoKU-KWFxfiMY-gaDI1bmC4cQ04u2-T_xnp9cBgWJTA9FBt2ilG9jJhYXg6BIencp&sig=Cg0ArKJSzNx3WuCpXJklEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1700194350167&rpt=3157&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?u=http%3A%2F%2Fcontrolc.com%2Fc867d83d&pid=3MgE6ZvNb4q58&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22id%22%3A%22undefined%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
D471KN956SJCA8W5M2P6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
DgMygepXi_tzAYWZlxvYNmXOoP62X5MijX6jBJqYJzMVv9NxUb6nIA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 08:10:28 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
72127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
j9OG8i-VqjJQlgPV8fB_hQc3ObkBmMSl72Cu5s_NfGsRH2MpHDwAIA==
view
googleads4.g.doubleclick.net/pcs/ Frame F78D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsup4Lqbyymf5fmKd_NG--MC28w2k2BDmcBz2YKEv_YClsxiQKSPOK5YAG4g-mkTOrjT5tu2PlWPMiCk1svBrl6dfY2uPQnOWiuaCfIPThEhimdCLLmYS3ZLG9LJCTMJzs4mTemsgI2jD8JV7jwKxeZqfinfIE7YJKnr9xsav8RB4RNtpvrXMv34_hnXYlCQXzZFX4M_SPPyFkl27A&sai=AMfl-YTP22N0TwxF-ok0GYHDEORR8I74CclyynEcnHlHMGixJTobT-CXD62dtXGUFer_QY9YIVjUSiMOh08bQObbrGVIwfnOcqbGAl7mPBVpCDyDK_5Pyn-zuJKA05AtvoH6x_CPgMYCfGRZiIwNPYm0Vyao4xLIZ55W&sig=Cg0ArKJSzB9Y-eLSxU51EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2917&vt=11&dtpt=2030&dett=3&cstd=875&cisv=r20231109.54354&arae=0&ftch=1&adurl=
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
viewability
hal90008.redintelligence.net/ Frame 978A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=89475100008044604438466012511008&a=4f57ee0b&vb=v
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=89475100008044604438466012511008&a=83534387
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
728159
vid.springserve.com/vast/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/728159?w=400&h=225&url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&cb=0.21547483289404856&consent=&gdpr=0&us_privacy=1---&schain=1.0,1!freestar.com,1715,1,,,,&undefined
Requested by
Host: cdn.springserve.com
URL: https://cdn.springserve.com/assets/0/playerJS/frstrOSd_8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.8.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-8-255.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65bfb1d123a1408878ce65467de646f66207ff8e9142f49c0f6d43d37aeca216

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
1
serving.stat-rock.com/v1/log/js/ 		35 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1700194355057.075&type=INIT&placementId=OpE_G2eQEIVcnqleHDYoCw7EE8VuwpK8BwG1KH8rz7xSWoy4ivaH&tagId=&message=&u=http%3A%2F%2Fcontrolc.com%2Fc867d83d&t=1584&v=112.sp&p=fashKfMyO1atCB74r89nrYxfXH2rIGIWJHvOs0KaPtwhV3AIQxnp&width=400&z=p%3Ast%3Bv%3AinView%3B&r=0.7975976776192473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
http://controlc.com/
Origin
http://controlc.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:35 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1700194355057.075&type=REQUEST&placementId=OpE_G2eQEIVcnqleHDYoCw7EE8VuwpK8BwG1KH8rz7xSWoy4ivaH&tagId=&message=&u=http%3A%2F%2Fcontrolc.com%2Fc867d83d&t=1596&v=112.sp&p=fashKfMyO1atCB74r89nrYxfXH2rIGIWJHvOs0KaPtwhV3AIQxnp&width=400&z=p%3Ast%3Bpt%3APRE%3Bv%3AinView%3Bc%3Avast%3B&r=0.2006096693103352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
http://controlc.com/
Origin
http://controlc.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:35 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771

Request headers

Referer
http://controlc.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 04:12:35 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://controlc.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 04:12:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame 35DD 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12554342&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 04:12:34 GMT
content-length
47
content-type
text/html; charset=UTF-8
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 7DEC 		530 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: cdn.springserve.com
URL: https://cdn.springserve.com/assets/0/playerJS/frstrOSd_8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:45:19 GMT
content-encoding
br
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1510038
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
sqj49qOmn5a372cmKNPRYXAN86DEsjqnbNW1SPOTUuF47vucRRTNFg==
1
serving.stat-rock.com/v1/log/js/ 		35 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1700194355057.075&type=OPPORTUNITY&placementId=OpE_G2eQEIVcnqleHDYoCw7EE8VuwpK8BwG1KH8rz7xSWoy4ivaH&tagId=&message=&u=http%3A%2F%2Fcontrolc.com%2Fc867d83d&t=2057&v=112.sp&p=fashKfMyO1atCB74r89nrYxfXH2rIGIWJHvOs0KaPtwhV3AIQxnp&width=400&z=p%3Ast%3Bpt%3APRE%3Bv%3AinView%3Bc%3Avast%3B&r=0.4893458681565124
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
http://controlc.com/
Origin
http://controlc.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://controlc.com
date
Fri, 17 Nov 2023 04:12:35 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9419705855894&version=m202309260101&ct=77&x=1&cor=10064233596252742000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3A29 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame F78D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9789229386991&version=m202309260101&ct=76&x=38&cor=3261320598423061500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 04:12:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 7DEC 		899 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F15184186%2C23008567153%2Ffreestar_springserve_adx_video_outstream_controlc_6234%26description_url%3Dhttp%253A%252F%252Fcontrolc.com%252Fc867d83d%26tfcd%3D%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1700194355463%26nofb%3D1%26ord%3D1700194355463&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
a6e01c1e4be79a0b3ed2b1728c011b622bfc96164d10b6b467f900d78fff59bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://controlc.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
508
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame B07A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/15184186,23008567153/freestar_springserve_adx_video_outstream_controlc_6234%26description_url%3Dhttp%253A%252F%252Fcontrolc.com%252Fc867d83d%26tfcd%3D%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1700194355463%26nofb%3D1%26ord%3D1700194355463%26channel%3Dvastadp
Requested by
Host: controlc.com
URL: http://controlc.com/c867d83d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
789d8f170c52f6d93590d7f64505a397d236b00caabffb840571543de0cc559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16140
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 19:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:27:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B07A 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/15184186,23008567153/freestar_springserve_adx_video_outstream_controlc_6234%26description_url%3Dhttp%253A%252F%252Fcontrolc.com%252Fc867d83d%26tfcd%3D%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1700194355463%26nofb%3D1%26ord%3D1700194355463%26channel%3Dvastadp
Protocol
HTTP/1.1
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 04:12:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
128095
X-XSS-Protection
0
Expires
Fri, 17 Nov 2023 04:12:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B07A 		0
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.3050356143154789&wt=1700194357299&sdkv=h.3.605.0&xai=undefined&url=2,http%3A%2F%2Fcontrolc.com%2Fc867d83d$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/15184186,23008567153/freestar_springserve_adx_video_outstream_controlc_6234%26description_url%3Dhttp%253A%252F%252Fcontrolc.com%252Fc867d83d%26tfcd%3D%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1700194355463%26nofb%3D1%26ord%3D1700194355463%26channel%3Dvastadp
Protocol
HTTP/1.1
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 04:12:37 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 58D4 		752 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
81692
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
246766
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 16 Nov 2023 05:31:06 GMT
Expires
Fri, 15 Nov 2024 05:31:06 GMT
Last-Modified
Wed, 15 Nov 2023 02:49:47 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ Frame B07A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://controlc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:12:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7D56 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 04:12:43 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 58D4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESELsljo56Yxn0yLTn9ER7YSg&google_cver=1&google_push=AXcoOmQYR2Unsdd6U38duYtUbiw26lXDfE3hiGQ8W5qtRvVQI6xptkY3l-whfghmPhU_mh4nEIyMJpobQ7iXb8y0nKsamOIXJZeLhQ
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F15184186%2C23008567153%2Ffreestar_springserve_adx_video_outstream_controlc_6234&description_url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&tfcd&npa=0&sz=1x1&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2263015789793327&nofb=1&ord=1700194355463&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.605.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=126574574&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=8FA5EB90-6043-42E3-88BA-900F98E27522&nel=0&eid=420706098%2C44731965%2C44772139%2C44777649%2C44781409%2C44801479%2C44802074%2C44802463%2C44804291&url=http%3A%2F%2Fcontrolc.com%2Fc867d83d&dt=1700194358416&cookie=ID%3D3d7f079ab8461a1c%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY7e6i_1q3Q0n4zqHpE38dwdY6YfA&gpic=UID%3D00000cca31fc2481%3AT%3D1700194348%3ART%3D1700194348%3AS%3DALNI_MY9RpGEqFoCAxkTQahomNunoE98Nw&scor=3369202674116488&ged=ve4_td2_tt0_pd2_la2000_er875.2800.1100.3200_vi0.0.1200.1600_vp0_eb16491

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 number| _sf_startpt string| root_url function| socialNetwork function| socialNetworkTwitter function| socialNetworkFacebook function| socialNetworkOther function| popPreview function| embedCode function| getARealBrowser function| $ function| jQuery function| clickAd boolean| num function| lineNumbers object| freestar string| the_paste string| paste_hash function| gtag object| dataLayer function| admiral object| googletag object| google_tag_manager object| google_tag_data object| gaGlobal function| 4dm1r11545242527 object| fsprebid function| load_script object| fsprebidChunk object| _pbjsGlobals object| mnet object| confiant object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| _hadron object| _qevents object| google_reactive_ads_global_state number| google_unique_id function| pubHadronCb object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| GoogleGcLKhOms boolean| __bt_already_invoked object| hadron boolean| __halo_loaded__ function| quantserve function| __qc object| ezt object| _qoptions object| au object| googDdmPs object| google_image_requests object| _ssPlayer function| tokvps function| loadPlayer function| AdPlayerPro function| playerPro object| apstag object| _aps boolean| apstagLOADED

177 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ3Ozr270xCgoIkQIQ3Ozr270xCgoItAIQ3Ozr270xCgoI5gEQ3Ozr270xCgoIhwIQ3Ozr270xCgoItwIQ3Ozr270xCgkIOhDc7OvbvTEKCgiMAhDc7OvbvTEKCQhfENzs69u9MQoJCB8Q3Ozr270x
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARDCFgoGCKIBEMIW
controlc.com/ Name: PHPSESSID
Value: 55ce2602f437d120d430f7d239b3c125
.pub.network/ Name: _fsuid
Value: 2c98d381-afe1-483c-84d7-18c8119d76f0
.controlc.com/ Name: _ga_3KD3DPS4TE
Value: GS1.1.1700194345.1.0.1700194345.60.0.0
.controlc.com/ Name: _ga
Value: GA1.1.319769920.1700194346
.controlc.com/ Name: _awl
Value: 2.1700194346.5-bafe2953143346a11830b4e2220413dd-6763652d6575726f70652d7765737431-0
controlc.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.controlc.com/ Name: cookie
Value: 2e3e332e-598d-4e18-95c5-15be8f3e5fd2
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYASABKAEwrNDbqgY4AUABSAEQrNDbqgYYAA..
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6445747934427449614
.controlc.com/ Name: __gads
Value: ID=3d7f079ab8461a1c:T=1700194348:RT=1700194348:S=ALNI_MY7e6i_1q3Q0n4zqHpE38dwdY6YfA
.controlc.com/ Name: __gpi
Value: UID=00000cca31fc2481:T=1700194348:RT=1700194348:S=ALNI_MY9RpGEqFoCAxkTQahomNunoE98Nw
.rubiconproject.com/ Name: khaos
Value: LP23TFKZ-1F-2JRM
.lijit.com/ Name: ljt_reader
Value: Hq18uTZH7hLogYVXROyUCxgB
.lijit.com/ Name: ljtrtbexp
Value: eJxdzbERwDAIA8BdqFMIzAWU1XLe3YUrVP4Jid8a9nnBE4vJx5LTvcTvdPm0QwqhAyUPJSd5LxCNSu4DaMMgdA%3D%3D
.quantserve.com/ Name: mc
Value: 6556e82d-cdf96-767b4-3f106
.creativecdn.com/ Name: u
Value: memMGlsQwXRz0MqYaKSH
.creativecdn.com/ Name: g
Value: memMGlsQwXRz0MqYaKSH_1700194349991
.creativecdn.com/ Name: ts
Value: 1700194349
.contextweb.com/ Name: V
Value: wRap5GlMEgyp
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 87c2c2aa5eb619c6
.adx.opera.com/ Name: UID
Value: OPUb95334c93fbf4649b8c05728128875c9
.doubleclick.net/ Name: IDE
Value: AHWqTUm2rFvoEo4lirAJSSXUQBSySWf9PpMMQfvf6ixkD4XSe-hcDsZHlNd-v7Y8aRg
.lijit.com/ Name: _ljtrtb_43
Value: CAq8oVsHu_MTXO3xBwmkoAgI66MTDO-mDgmQSgXb
.lijit.com/ Name: _ljtrtb_49
Value: wRap5GlMEgyp
.lijit.com/ Name: _ljtrtb_83
Value: LP23TFKZ-1F-2JRM
.lijit.com/ Name: _ljtrtb_86
Value: ULvzg6dxdpm5jGsoqb4hRA0d8WqCco-6wuF269C1IyA
.amazon-adsystem.com/ Name: ad-id
Value: A032t2atpEwFjDfJPp2jXNg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljtrtb
Value: eJyrVjKxVLJSKg9KLDB1z%2FF1Ta8sUNJRsjAGivkEGBmHuHlH6Rq66Rp5BfmCxM2A4qE%2BZVXpZikVKQW5plnuxfmFSSYZQY4GKRbhhc7J%2Bbpm5aVuRmaWzoaelY5ALSYgo5wdCy3yw4o9SuN9QyL8jSucynOz8x3TPc3MfENc%2FHVzXdJzA4PTI5KUagGblSqp
.lijit.com/ Name: _ljtrtb_80
Value: LP23TFKZ-1F-2JRM
.mfadsrvr.com/ Name: tuuid
Value: 031db250-f8fe-4eaf-828e-073140af5da2
.mfadsrvr.com/ Name: c
Value: 1700194350
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700194350
.controlc.com/ Name: __qca
Value: P0-1578183487-1700194349311
.3lift.com/ Name: tluid
Value: 3702764178380423787739
.bidswitch.net/ Name: tuuid
Value: 618a9eb3-5ba8-4691-8c50-55dd42f94a36
.bidswitch.net/ Name: c
Value: 1700194350
.bidswitch.net/ Name: tuuid_lu
Value: 1700194350
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0D6E816A-664C-47F1-814A-17779A42A949
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1700194350!sovrn,1700194350
.adfarm1.adition.com/ Name: UserID1
Value: 7302279134389139599
.ctnsnet.com/ Name: cid_30f5c5db0291457dac456b349e6218a3
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: JoC68FCWIbkm31
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVboLwAAOeqJBQBU
.simpli.fi/ Name: suid
Value: C678A7A34944497693A6916DA9EC23EB
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7302279134389139599&KRTB&23369-7302279134389139599
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-618a9eb3-5ba8-4691-8c50-55dd42f94a36
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6445747934427449614&KRTB&23339-6445747934427449614
.de17a.com/ Name: guid
Value: 1.6377349369375825056
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ&KRTB&19420-XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ&KRTB&22979-XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ&KRTB&23462-XEwvkQ9BKMNHGn7BU083kFxOeJNHSnyWWk_IzKRZ
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUb95334c93fbf4649b8c05728128875c9&KRTB&23485-OPUb95334c93fbf4649b8c05728128875c9&KRTB&23524-OPUb95334c93fbf4649b8c05728128875c9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGErtJIPOdJWYpjfODEQxAA&KRTB&23025-CAESEGErtJIPOdJWYpjfODEQxAA&KRTB&23386-CAESEGErtJIPOdJWYpjfODEQxAA
.adform.net/ Name: C
Value: 1
.sitescout.com/ Name: ssi
Value: 424f8257-bf4b-47aa-bd06-0cf50d1a948a#1700194351228
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjIyNjIyNDQ1NRbiM9QNLzCviooMLDTyCEkFAHM27cMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjIyNjIyNDQ1NRbiM9QNLzCviooMLDTyCEkFAHM27cMlAAAA
.csync.loopme.me/ Name: viewer_token
Value: 31cb65fc-910d-475f-970e-d46bd99e8b85
.audrte.com/ Name: arcki2
Value: 393kJ5--Fj-QXOvXOB-vMwiHQ!20220908!1700194351263!ip#77.239.42.71
.audrte.com/ Name: arcki2_pubmatic
Value: 0D6E816A-664C-47F1-814A-17779A42A949!20220908!1700194351263
.adform.net/ Name: uid
Value: 5391045297437159480
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5134455422232211553
.turn.com/ Name: uid
Value: 3659974528374296936
.bidr.io/ Name: bito
Value: AABtSE7KrdAAABU8cM6m8w
.bidr.io/ Name: bitoIsSecure
Value: ok
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDE5NDM1MTM5N30
.yahoo.com/ Name: A3
Value: d=AQABBC_oVmUCEJ7VMwKaQgtO0cQY-6BtSjsFEgEBAQE5WGVgZQAAAAAA_eMAAA&S=AQAAAnqCs5jj2q_erhG3I_UVTcI
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3cb0bf8ec8f3d1d92b360e9d009ed1fa
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-86a381e1-948e-5c92-7b83-9b184d848669.G3r8%2BCRb2qQng%2BxaJitUr%2FvkWeBQYif8vQlvxXLDMis
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-86a381e1-948e-5c92-7b83-9b184d848669.G3r8%2BCRb2qQng%2BxaJitUr%2FvkWeBQYif8vQlvxXLDMis
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhqOB4ZSOXJJ7g5sYTYSGaU3vKkc.gd%2FNomch3Ikr2YBLAVnTywyIWamZmEX4vwDrxCee8Q4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhqOB4ZSOXJJ7g5sYTYSGaU3vKkc.gd%2FNomch3Ikr2YBLAVnTywyIWamZmEX4vwDrxCee8Q4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUwNwC7WyiKr2k6OW5hguN2EuS9PHvtAT18_zEgsDDvEHwYBCCv0NuqBjABOgTwi70wQgS0_AGr.0bMsDFiOoWgJomTlTHkQ%2FF1lM%2FwTT2sTAdufUf0BLIk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUwNwC7WyiKr2k6OW5hguN2EuS9PHvtAT18_zEgsDDvEHwYBCCv0NuqBjABOgTwi70wQgS0_AGr.0bMsDFiOoWgJomTlTHkQ%2FF1lM%2FwTT2sTAdufUf0BLIk
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5391045297437159480&KRTB&23263-5391045297437159480&KRTB&23481-5391045297437159480
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3659974528374296936&KRTB&23150-3659974528374296936&KRTB&23527-3659974528374296936
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348&KRTB&23418-424f8257-bf4b-47aa-bd06-0cf50d1a948a-6556e82f-4348
.audrte.com/ Name: arcki2_ddp2
Value: 393kJ5--Fj-QXOvXOB-vMwiHQ!20220908!1700194351525
.linkedin.com/ Name: bcookie
Value: "v=2&682f242f-4aaf-44f8-85fe-2f6f58fcde4d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAxOTQzNTE7MjswMjE3cOsxFUdc67LZCLWch0EhCUZbio++mzP3EPuoiV5Jyg==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3137:u=1:x=1:i=1700194351:t=1700280751:v=2:sig=AQFGJLx7uyDePfPSN_OmKJ9r8Bio8pKK"
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&KRTB&23334-hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&KRTB&23417-hqOB4ZSOXJJ7g5sYTYSGaU3vKkc&KRTB&23426-hqOB4ZSOXJJ7g5sYTYSGaU3vKkc
.adsby.bidtheatre.com/ Name: __kuid
Value: dfa634a4-55db-4c11-89c5-1cec3e9a3de0.469408351
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6377349369375825056
.doubleclick.net/ Name: ar_debug
Value: 1
ads.smartstream.tv/ Name: DID
Value: 79d2b1fa57fcf812964e2c2b768a8c3a
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.casalemedia.com/ Name: CMPS
Value: 2171
.casalemedia.com/ Name: CMID
Value: ZVboL2W604ow4w.0eyPOEgAA
.casalemedia.com/ Name: CMPRO
Value: 5192
.sportradarserving.com/ Name: zuuid
Value: dec256e1-9d52-4e49-bba6-c7248d7b9d8b
.sportradarserving.com/ Name: c
Value: 1700194351
.sportradarserving.com/ Name: zuuid_lu
Value: 1700194351
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700194351
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH2-1_9rTdYQN9elkZAAAAAAA&KRTB&22713-AAAH2-1_9rTdYQN9elkZAAAAAAA&KRTB&22715-AAAH2-1_9rTdYQN9elkZAAAAAAA&KRTB&23519-AAAH2-1_9rTdYQN9elkZAAAAAAA
.audrte.com/ Name: arcki2_adform
Value: 5391045297437159480!20220908!1700194351964
cm.adsafety.net/ Name: UID
Value: CM12023111704297f15d1bf1a7086266
.adsafety.net/ Name: cm_uid
Value: CM12023111704297f15d1bf1a7086266
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcHc4VGUrN1k2Z09WZThDbG5mS081VGduS3pWc3l5b21lbUROMHBsZktrY2lIbVMyZTRXVHJZeEpMdFVwa2VOMFlMZWRyRkYxYjVYSXJyLzVpaXQwSkFZYmQ2MXp4QytXSkR5a2xXbHM3Rm8yTUNGcmpOT3p0ZVc3cFB0dVhlVUd1MlFHb0EwL0tjNTJQRG9pdjA1QmZJUG5MNjR1cTQzZytUL1dkNkRZazZqNGxCOUw2a3JhSDdHUWk1M3R0c05LZkFERjRFVWxEOVlnQmszaHo1SEJyWi9CZjNHSThpR0l2eUJwZkxaMUxoUEJDUVMvd2x4c25uMVQ3MHFJQS9GUGdtS0hYVGZ1VFF3MThURDluMkptM29sUjlGNWl3bEYxTTkvVzliejhWOXZwbGhuVy9mWjkyNnE0T1ZJdDBFL0xBPT0%3D
.yieldmo.com/ Name: yieldmo_id
Value: 3FMy777dd47L3ru1qjlX%7C1700179200000%7C3408596345834127664
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1181530%7Crc%3D1181530%7Cdv360%3D1181530%7Cpub%3D1181530%7Can%3D1181530
.smartadserver.com/ Name: pid
Value: 6168569590249815123
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABtSE7KrdAAABU8cM6m8w
.company-target.com/ Name: tuuid
Value: 10c2b80d-f892-4c5c-baaa-020121cb8029
.company-target.com/ Name: tuuid_lu
Value: 1700194352|ix:0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o1b|7TZ.0.1|7dN.0.AABtSE7KrdAAABU8cM6m8w|7dW.0.1
.ads.yieldmo.com/ Name: ptrrc
Value: LP23TFKZ-1F-2JRM
.ads.yieldmo.com/ Name: ptrpp
Value: wRap5GlMEgyp
.ads.yieldmo.com/ Name: ptran
Value: 6445747934427449614
.openx.net/ Name: i
Value: d5bf1d93-c04f-0b0a-16ec-def86bb08863|1700194352
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABtSE7KrdAAABU8cM6m8w
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 70f93f1dcc212061
.liadm.com/ Name: lidid
Value: 6172120c-6aba-4df1-9357-838d57b80eb5
.quantserve.com/ Name: d
Value: ELwBHgG5KvijDejbEJ-SDKnsEA
.openx.net/ Name: pd
Value: v2|1700194352.1|gqwkiysLvQmOgevNgun0.j8vSiSsfnswL
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidHJpcGxlbGlmdCI6eyJ1aWQiOiIzNzAyNzY0MTc4MzgwNDIzNzg3NzM5IiwiZXhwaXJlcyI6IjIwMjMtMTItMDFUMDQ6MTI6MzAuODcwNDg4MTE2WiJ9LCJxdWFudGNhc3Rmc3giOnsidWlkIjoiTXlYUlUyQW8xZ0VvYzRBRFBDYkpVak1uaGxFb0k0SlVOU2JLR1RBbCIsImV4cGlyZXMiOiIyMDIzLTEyLTAxVDA0OjEyOjMyLjg0NTExMDI3WiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIwMDAwRUVBIiwiZXhwaXJlcyI6IjIwMjMtMTItMDFUMDQ6MTI6MzAuMTI3NTk0NzUyWiJ9LCJzb3ZybiI6eyJ1aWQiOiJIcTE4dVRaSDdoTG9nWVZYUk95VUN4Z0IiLCJleHBpcmVzIjoiMjAyMy0xMi0wMVQwNDoxMjoyOS44NDYwNTgzNTZaIn0sIm9wZW54Ijp7InVpZCI6IjNmY2RhZDA1LWQwNTctMDcxNC0yN2I2LWQ2MDU4ZWNjNzkxMyIsImV4cGlyZXMiOiIyMDIzLTEyLTAxVDA0OjEyOjMzLjQzMDU1OTg5OVoifSwiaXgiOnsidWlkIjoiWlZib0wyVzYwNG93NHcuMGV5UE9FZ0FBJjUxOTIiLCJleHBpcmVzIjoiMjAyMy0xMi0wMVQwNDoxMjozMS45NzAxNzA1ODNaIn19fQ==
.t23.intelliad.de/ Name: iact
Value: 0001C87AAB383DB8335AC453AB1A8E52D4E5
.t23.intelliad.de/ Name: iaimp_42842
Value: 1700194353:42842:100:137:101:248:101:20231117041233398265f3cfacc615
.dotomi.com/ Name: DotomiTest
Value: 48e13e6bd8d18c1
.pubmatic.com/ Name: DPSync3
Value: 1701388800%3A197_201_245_241_235_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1701388800%3A264_81_88_251_238_22_249_71_7_166_165_161_196_233_99_204_8_220_214_243_234_3_55_254_176_13_56_46_54_21%7C1700784000%3A15_223_2%7C1702771200%3A203%7C1701043200%3A63%7C1701475200%3A35%7C1705363200%3A69
.awin1.com/ Name: awpv11467
Value: 414915|1700194353|886b62d0-84ff-11ee-819e-22341370d01f
pool.admedo.com/ Name: tuuid
Value: 8d61d914-2525-40b6-aba1-9efa7482174e
pool.admedo.com/ Name: c
Value: 1700194353
pool.admedo.com/ Name: tuuid_lu
Value: 1700194353
.awin1.com/ Name: awpv15168
Value: 414915|1700194353|887092f1-84ff-11ee-819e-22341370d01f
.blismedia.com/ Name: b
Value: 6556E83173DBB97B5B915A72BLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220ECB213E-7B2C-4765-2261-2DD43BC236F3%22%7D
.acuityplatform.com/ Name: auid
Value: 853313337714
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXZvMBK0mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV2bzAStI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQXlMVW14THBNVFN0Y2lNekZBTGkwb/v7hnZlcnNpb27C+w=="
.awin1.com/ Name: AWSESS
Value: 346432:2246412
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2f3g:18vk~2f3g:19e0~2f3g"
.zeotap.com/ Name: zc
Value: 32678b3b-0cdc-4c59-7710-a536a11469dd
.onaudience.com/ Name: cookie
Value: bf02c8daae240be6
.onaudience.com/ Name: done_redirects104
Value: 1
www.conrad.ch/ Name: HTLP_timestamp
Value: 1700194354383
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: Ojnhw8oju4P8G.iQrO.Ist2zuJprS3K3z.s3YLHa32Q-1700194354-0-AUFEb7SgsGaBJ2jhHiAim170rEksxihQVxfNBL0Qt3TP5au9y0nqSgsqc7StA1eG34rIRaoyYvgzijo9JXcCuFU=
.semasio.net/ Name: SEUNCY
Value: A50CB4311127E111
.tapad.com/ Name: TapAd_TS
Value: 1700194354464
.tapad.com/ Name: TapAd_DID
Value: 795eb2b0-c9f0-4be8-82d2-9f4a8c20e32f
.conrad.ch/ Name: __cf_bm
Value: Aoatoac060arYgII7cZNcpG0Z2O34r__FCizSi40ps8-1700194354-0-AWLbIRXFgS1xZhGYGnL5dTHa9dBOjMx5mKisPie7l3mabzlQfNYDW64Sx2DUyoD1soDLLQmjqljBzJX0zzLQ+G0=
.rezync.com/ Name: zync-uuid
Value: 1427ad7e-2971-4e8c-b8b7-d84c9f6c4c87:1700194354.4357219
.adnxs.com/ Name: anj
Value: dTM7k!M4/0DunaTF']wIg2E>7dAotq!]tb?8bhzs#DNA_<'.OaUcK'lN[`P5Q7vN9_'`fhSl5LRa`jzEcv)tdA3^AR/ky(+%ZBAIubQISPYdZ#pt11y+P5Qc%BgA<*KWqG!!$0e+Q1vm
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzNzAyNzY0MTc4MzgwNDIzNzg3NzM5IiwiZXhwaXJlcyI6IjIwMjQtMDItMTVUMDQ6MTI6MzBaIn0sInJ1Ymljb24iOnsidWlkIjoiTFAyM1RGS1otMUYtMkpSTSIsImV4cGlyZXMiOiIyMDI0LTAyLTE1VDA0OjEyOjM0WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTE3VDA0OjEyOjMwWiJ9
.mediago.io/ Name: __mguid_
Value: f34e96994d774bcc181fz400lp23tjzg
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3EwRGAMAwDsA_rhKuDixO2oWkZhMlBD72bQNc9tcxTMK4oGzFkM1j5nMUKXVBrSB6d-58c-QGSb3PiOgAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgaGlibGpoZGq2C4lvbGxpPEnY3NDEyDwxxTxV18jS3FDXJNUiWTfJIslcN8XCJNkyzSzZJNnC3AquyUQPSJgbGVrOEkaYZGJmar4IjQ8ASas6wHoAAAA
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EhVst9IpuR7Z+cMDvczsB15C+Uv07FAmXVUzvpq0v63hc8s0R4GLQi9wRcTr40sb9up09IPATRuerFSoH8hsDdNpmvllXEtYN4=
.onaudience.com/ Name: done_redirects68
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aGntuJoNIvapmVrCI2OCbpqCOk833gtqGdckGLY9QVZdSQMSifVUaFLmZaPZbdsLXEx1MqSm7fQZcw4905YTZaVMVhm8w
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9e1da839-44d2-4792-838f-455eac3facfc-003%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: done_redirects200
Value: 1
live.rezync.com/ Name: sd-session-id
Value: .eJwNytEKgzAMQNF_ybMdJk2Wtj8j2mZQNt2w7mXiv68vFw7cE6aP7eu82XZAOvavDZBftatBOqHV32pPSCDomUWYiDwRooiHa4BmrdX3NtXSH2TSuag5ioqOLWS3hEVdCZzj4545B02o44iRvfCtRwkjXH-pciWZ.ZVboMg.JCz7moC8GJ_UBr9e-2_Dbnn0tak
.onaudience.com/ Name: done_redirects282
Value: 1
.ads.yieldmo.com/ Name: ptrpub
Value: 0D6E816A-664C-47F1-814A-17779A42A949
.connatix.com/ Name: cnx_userId
Value: 97002ae2c108419d85456595cc90ab1b
.rlcdn.com/ Name: rlas3
Value: MI58CB7CCjrWYUwz6TvdM8AHrx3aLgKfat1hlobnJlw=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9e1da839-44d2-4792-838f-455eac3facfc-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhMaXjSQggnXWahnU
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 156696:4
.rlcdn.com/ Name: pxrc
Value: CLPQ26oGEgUI6AcQABIGCLrqARAA
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700215955381
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-9e1da839-44d2-4792-838f-455eac3facfc-003&KRTB&17107-RX-9e1da839-44d2-4792-838f-455eac3facfc-003
.pubmatic.com/ Name: PugT
Value: 1700194354
.springserve.com/ Name: ssid
Value: 1650f1fc-b2ac-4338-a10b-c4e50b75f1cd
.springserve.com/ Name: sst
Value: 1700194355463
.pubmatic.com/ Name: SPugT
Value: 1700194355

4 Console Messages

Source Level URL
Text
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 417 ()
other error URL: http://tpc.googlesyndication.com/sodar/62bHydCX.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESELsljo56Yxn0yLTn9ER7YSg&google_cver=1&google_push=AXcoOmQYR2Unsdd6U38duYtUbiw26lXDfE3hiGQ8W5qtRvVQI6xptkY3l-whfghmPhU_mh4nEIyMJpobQ7iXb8y0nKsamOIXJZeLhQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
other error URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html#goog_1507309180
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.pub.network
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
ads.travelaudience.com
ads.yieldmo.com
ap.lijit.com
api.btloader.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.springserve.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
controlc.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
ct.conrad.ch
d.pub.network
d.turn.com
d5p.de17a.com
df8cebb9b928c641b774bc75eedd3033.safeframe.googlesyndication.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
flutteringfireman.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid-mercury.criteo.com
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal90008.redintelligence.net
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.grid.bidswitch.net
mwzeom.zeotap.com
openx2-match.dotomi.com
optimise.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
secure.quantserve.com
securepubads.g.doubleclick.net
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t23.intelliad.de
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vid.springserve.com
vpaid.springserve.com
widgets.outbrain.com
www.awin1.com
www.conrad.ch
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
pubads.g.doubleclick.net
sync-dmp.aura-dsp.com
104.17.25.14
104.18.186.224
104.18.21.206
104.18.24.173
104.18.36.155
104.18.43.90
104.19.241.24
104.22.24.87
104.22.4.69
104.26.2.70
108.128.8.255
108.138.1.25
108.138.9.235
13.107.42.14
13.248.245.213
13.32.27.108
13.32.27.28
130.211.23.194
138.201.63.150
141.94.171.212
141.94.242.204
142.250.181.226
142.250.181.227
142.250.184.225
142.250.185.226
142.250.185.228
142.250.186.102
142.250.186.106
142.250.186.162
142.250.186.66
142.250.186.72
146.59.148.16
151.101.129.108
151.101.2.49
154.59.122.79
16.171.99.149
162.55.120.196
172.217.16.130
172.217.16.131
172.217.18.6
172.64.144.166
172.64.146.152
172.64.151.101
172.67.23.234
172.67.36.110
172.67.41.60
172.67.74.207
178.250.1.11
178.250.1.39
178.250.1.9
18.192.135.64
18.195.61.190
18.66.112.44
18.66.97.81
184.30.16.195
184.30.17.67
184.30.24.22
185.184.8.90
185.29.132.245
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
185.86.138.146
185.89.210.122
188.114.97.3
188.166.17.21
193.0.160.131
193.135.9.127
193.135.9.135
195.5.165.20
198.47.127.20
198.47.127.205
208.93.169.131
209.54.182.161
213.155.156.167
213.19.162.43
213.227.153.223
216.239.34.36
216.52.2.30
216.58.206.33
216.58.206.34
216.58.212.170
23.48.23.8
23.56.205.163
3.33.220.150
3.65.116.7
3.65.142.57
3.67.63.57
3.75.62.37
34.102.253.54
34.107.140.113
34.110.189.112
34.111.113.62
34.111.129.221
34.111.152.239
34.160.152.31
34.250.99.225
34.96.105.8
34.96.71.22
35.157.49.61
35.158.43.241
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
35.208.249.213
35.210.53.219
35.214.189.64
35.244.159.8
35.244.174.68
37.157.2.229
46.228.164.11
46.228.164.13
46.228.174.117
52.18.217.211
52.19.114.225
52.49.140.195
52.50.95.14
52.94.222.140
54.164.160.224
54.165.29.149
54.74.177.179
63.251.14.3
64.202.112.223
65.9.66.116
67.202.105.23
69.173.144.139
69.173.144.165
69.192.160.219
72.251.241.206
74.125.206.156
77.243.51.121
78.140.185.32
8.43.72.97
82.145.213.8
85.114.159.118
88.99.219.174
89.149.192.197
89.207.16.140
91.228.74.159
95.101.149.233
98.98.134.243
04011cfc7eda18e8567f9c27899514e871cf823d1101bbedb9f270767d98f14e
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe0ad94fcc522dbb657256c29f0f42848e862674f0712de12d30925bf2783d0
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
121307a83e1baa63996c3b15c72c6960b2f35ddefebf6c4043788a2c4f670743
13417d43b84c9e97dc817502f8ceceef787536d2a6d7c6bec093649dfae401dd
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43
243f880b68d91b07742b30f0d9fe0846f407eed1d3567c77a0592a057ec91e8c
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
262154738151ed97e804c8c5095c3ccf2ba55a8bbe49958bbb266d7220e43275
296bd0aa075d532826ad19555af1bff1529840d45286c0d86a712d60f63b561c
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
2a5bbb625f5a8a8f18218e9d5c791411d7a60205f29d540d914d5aa7fad1f1fc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304632f6cdd1c554543203bcafb40a06c857b21a51069a888a2bbd67a109feed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3395777c1ebe5c24771e66c989bdefd74e1f31faf7cf728479d8868bb0a4fa13
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
399419e7de854b4b859640e77106a9d5b944a23d9554b2ac33cd5a2dd4495f88
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3ca51323724381eb62f12066c6c618f77c9b4e6fe37d05d68e4af0abc44d4e6d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40446f70ac0f8ed9ae4912bda6f9e9333badad89bc616a4594edcf67521fb771
4224c100ed3ee83211bdce69aebc3f37e2bd4a6b26a54db5c931fcd7f7a6b7fd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ab4295426ae6c791f4c9c452e07a22dcebea21d40ced3b2ead61b018d5a2be
45c513de1b36b18482e9302311d174cd6a9a0e0d8a2bfc23060f8344ae12872a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
518331774eeaf7a95b4c794671e03013cf103069819cb57c2bfac81cef72bd55
51fe70edbe104885444e15487ca7cbec6059ef1ae9a660aee7c7d126eefc6a69
53c4ead44add22da6a363b4231834b6bcac7f960249791f00e98b8bc6dd16115
5443c1680fb28b421ca2dea045234717853efacf3d12a1a7cb47cfea10588a0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f5ba460b88b1e887d9c46f39f8b4068d864fd458bc86a621be0c022abe3460
583d24c0fa1d77f34623be9be284a5303f7b904dcf23e3bb3e11ebfc744180cd
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65bfb1d123a1408878ce65467de646f66207ff8e9142f49c0f6d43d37aeca216
66e0544bf9c0551518f0a48b84efbed0711b5c79ee8bc9bac79d017e99d1175f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6ef55973c1965bd715ee8518cd61227c7ed63e6434f7a86d61c1b54a177e6166
6f4df8ec8a990788eef5a8df400db264190ff0038e3f3370879248166cb97594
6fd403284ca5961eb216859a939ae0155823cbeb814171721f9c2d06e9b7ae5b
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
736b03ffd408ef5ef167ea138b1cc8573d1c1f129bf8a38713f562f9f794df92
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
789d8f170c52f6d93590d7f64505a397d236b00caabffb840571543de0cc559b
79fa7edbb895098ba7b57f42dd619676db8ae71bf31e9f7825618e756cc8b993
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cb0696f9e3a15009a10a022ad1876bf519fccae6f17598d14cec5ce01359f46
7ebadfb0328064c5cee4e463f60f6b67ad4111578429bb00206d358826752596
8097f7d71457717dc3475e64b6bfa7a666ff403ca4b0059df01ee94bd8538d5c
810f6742860e4873f9bee456b76055c7a365d4059aa02b366789a2fc9454fb1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853f4fa09ab06cf66a637110256dab9d50b6fca8a97f67ae2f7e8c88e7f4f97f
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
8698450d06cb4f13a63a974f8fe42f015af817bc9ce02450f23ef440d9b12409
87ceee16f56ee42590a207bb578a1ffc1627893d3be9b6a207c4bf317c0604f6
8b9072104b9806e02fe6397cfc8e04a63b42382b29e95b28781e1408cf43942f
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
956718e46d7ed67273205318bb008c5b6acdf6591ea49de517889cadc1f9b15f
975774f69c7197b570de3beb1273f1dba1c9e4a3bf78fd11fc053f19c099dfb8
98594e460ff17af1539c7e4ae40379981a3d6f0aef84b8490c5273f29715a7dc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9917a1ddf6291257fff25cf5b97c66470551f5a8df5ca2d9e0af24a7a847d35b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a4c41da879603c2cab554c16a0979686f277feb3a5bb3d4439f895d32be65180
a6e01c1e4be79a0b3ed2b1728c011b622bfc96164d10b6b467f900d78fff59bd
a6e4f5791b28024452bd6f440e74709608dd12e4c5db86483cdf7580893df282
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
abac43600ec218d8281b6c268da1f2e16b9276213b8cfce0780647ecced00605
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace1d229db9104ad73abb2f1e841dd2aeee2c3f03b1ca732cbcf2ffc651b3818
aec0abde4c303d54a2c9bb8ca14ace3138a8d6346ba11ceb09da425ddf673946
aeea444066d2814ec0ae535cfe601e3bcd65ed5cdc5fac45ad2e6da22bbdcee7
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb626f0574c64d061fbdeed5ffe8650eccae8217f79739eeff73b655be2dca7e
bd00ba9e7f476f6c886775aae38aaecf71529b2022e13ff95a613f6f35a94539
bfd36292cf5f81718793308519a9aa371a7ca39ebf85b3b4e67d0818540ed212
c02c9b8dd3efe3ce56658443eda15913d37210a18ae85c71ccf41ed91759eb74
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c9a2fdb33b1128c29c6551a1aaa71c3bc1876f3bfcdc28390b8bdf3cfb3d26bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cbc2bddaf09245f604abf9758875bcaa5f12d9dba9dfd54c7b753717028e5b34
cdc3d463fbf8dc91b46728d74a9c89f764c826417efa236c81162a6a626d119f
cebb34b91ef05c9f91a017e4e5aecba2e2f9dab6518af0f2e0c565f25e01a8bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa02cf94e6d7b28d9344315fe1392783fe7df4ae4dbb0ca573b5c1f8b69ebc0
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
d7d4812cfe8a4ec82b78c748b83162b1318aa33aba32c59186c93c69d3e744af
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dae99c129d73015c343b43cb45ba9daa7daec567dadc5335176827e1817aa4a5
dcde77413c285177c95ca3d9b4311692afda3d6019a13762f23251ef5be2e39e
df646682fc270d2264b0c9f86205790b73bb8ff2a940e9dee9513f93970a85b1
dfa649acfcab7a46033aeccb5ca71fa43b3b458ad5c33c6b7819bca854220c51
e07671e8ba9c10d4c3d1f455dc391061fed58524c612b9edc7151269067f0e03
e160fa1936f54e597621a2427041b2bc8356aa88075c4f71cfe41f246725d576
e2262d6284a73b0b1904b84ae3f22fa9f21981799330b7508502eddc388712f6
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5632e1dc48b408038e0ca71ecbcb3b731b2926680e5956e550789eec702663a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f469a9b49fdb41ab7ee8e91664480df04ad47c98e3364760647d7b080622bd3c
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f7f6c3dab1c81ddde75da0debbb56f0694e6afbff0ec4762d8d37df89f8b0a13
fa72b4d4e12d4d99c69067b5228ed6f6cacd4c9ba12255d8b08feb264c487108
fbeb331f108ca678698f5026cd71a47442460dbb8db88d8150fbb87a2f90a5a7
fcbe6729bef5735fd812e033480df7d503688d31b9e8c8bb431335321845a26c