pastebin.com Open in urlscan Pro
2606:4700:10::6817:62be Public Scan

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:45 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
20ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:29:18 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 23968
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: a5SPqoZ9bLMjGJ7hUNWIxo_wlSDT31-4kgAKaiKvw4RZ0mFszqotKA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 25ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210512

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

383e242f4d01436295f56ff9ee0179b9216a6c5cbfba737dbf155741fd0d6090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31783
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 939
etag: W/"6a0-UVUYH68seO+ykhC02SYX+GwEFXM"
x-served-by: cache-fra19153-FRA, cache-hhn4072-HHN
date: Wed, 12 May 2021 02:08:45 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 122ms
33ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:08:45 GMT
X-SMT-SessionId: 88a78994-0ac9-47e4-b832-eceb8243cda4

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
623 B 220ms
201ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yFoRAKlHSrtQqqYxwei3MbzDmvg7ir0kwcp08IJ5RS4PMmGdx4gtgT1MLDUgnCoxlehjZviPjsvgdlNz2lf4W1YL1UXRyzQFAFEDuZQqbR2YW1cUP59SNPzG1umSLD2W%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e019dbafd4178a-FRA
cf-request-id: 09ffee7d4d0000178a6e846000000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
839 B 32ms
14ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2a3df655b969a67d5a86d01ba34f8d54dc8b25df6b7691297844e14458aa0b41

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.239:80
AN-X-Request-Uuid: f75f2a81-9f10-465c-b6e0-7e4f43ec972a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fp...
https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2...

551 B
963 B

28ms
27ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: pastebin.com
URL: https://pastebin.com/FMmQ5FdC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 30938ecdd6c9afbbf0f55c79d96b727e71765f1d2010b64a0ac7832764c367cb

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:45 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 551
x-sid: AMS-602

Redirect headers

date: Wed, 12 May 2021 02:08:45 GMT
server: openresty
access-control-allow-origin: https://pastebin.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 46ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:45 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 adreq Show response
ads.servenobid.com/ 4 KB
2 KB 152ms
84ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5897
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 385d8efe1f94729ba34f48cf7cbdb987b52f9ac3c1185691b32b413e0a0ea126

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
259 B 295ms
115ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 25
vary: origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
729 B 106ms
58ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22184a18736251b19%22%3A%22d398e3afd25fd75bf33c%7C728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=1dae5ca8-2bbd-4df0-9d88-f1785477bf8d&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

f0721eb1d987ab41e2f20de19772bb8036f31b1d6bd22e2ac8ef6757cd1cbc2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
833 B 25ms
7ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5d956a87e8a6028c5137d6a08b95eabbf765fceb639cc0aa93c03820c105e0c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid: 261bd682-5b52-4621-86e9-4a8df4c86d65
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 34ms
15ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a43018b007d&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: ec95ec8d6dc7e9c2e759548f048ebccf1f271114bcd8b52e8ec15495be40b099

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:45 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 34ms
15ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: d55b136537154d380b1ef1a84030659ca31c3c3d9a1c5cc117f1bc7b2ed00c2a

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:45 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
754 B 80ms
44ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: bfcac308cc3e4a544d759201bd23e912598511160323346d334da8af358c8a9e

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 66ms
64ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YbI0daAtaGZsxEbX3MRm-TxFQLGSSFm85BXhYH2SIv7nW6-0D6-8ww==

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
755 B 63ms
34ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 00efe6606a0ee41985783725732340b7b36325d7a834e5ffcfaacb2b4dbe597b

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
731 B 106ms
67ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2231031aae9168f99%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=5f8400f7-501a-47a0-a90b-8fe1a5f3c5f5&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

ae7cf136d0dc05c6fc7ea169d8996fead14008fb949848bc052047f736e97ab0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
840 B 13ms
13ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f81dc67f25ed76938b9e7892875ec6fcff0d00239e7639955958f3817d5bcf86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid: b541738c-6b20-40ea-a39e-5763fa2d994a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 28ms
13ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 5c69cd1905cfea6e16eea4f1f7c26860cb08301b92250f94cdba3842378ea380

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:45 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
361 B 240ms
93ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 4
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
367 B 238ms
238ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eYNP4ASAAkVsu7hJGOUVb0o7AQPhhWdZBq98lcz7WZYvC%2FkD0W6BTeY1q16mxFbbPFU46kMyQKS61rLd1Qm7Slb6a9hgYgwhm9Rkpjadnv9s3nvN%2FFWgzja86S9XKIKRZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e019dbd804178a-FRA
cf-request-id: 09ffee7d650000178a2d3a4000000001

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
542 B 106ms
77ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5310
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&f...
https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UT...

552 B
965 B

28ms
28ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: pastebin.com
URL: https://pastebin.com/FMmQ5FdC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: fa6cebd6b2b96b908d1e944b8f2945ee915189d391a877ba9383d7950ae29c3a

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:45 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

Redirect headers

date: Wed, 12 May 2021 02:08:45 GMT
server: openresty
access-control-allow-origin: https://pastebin.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 105ms
32ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:08:44 GMT
X-SMT-SessionId: b151eb5f-97d0-4836-b737-6d88b6d86b0b

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 16ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:45 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
833 B 13ms
11ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7fa97a61477bb7c5d01900b22b096917f029d7e79901a5944ac0f2bd96466494

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:45 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid: 7f56c81a-d826-494e-bd50-ac1a5a22126c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 67ms
67ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=1&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1H6l2tGr3MyGZPXeEWFZygmi6hrhxv0j41haVeVHHuvZdFi3BkBJ8g==

GET
H2 200 /
logs.vlitag.com/sub/ 0
301 B 139ms
123ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=pastebin.com&h=pastebin.com
Requested by: Host: pastebin.com
URL: https://pastebin.com/FMmQ5FdC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jLa9EbRR8on8HdU7EP%2Boj9tMomVE4FXDUTB%2Fv9yxNtcmDa4iWdzLcruKz9eyJHnRo54pcW90kXZHnLbKtbOvVY8x3Avk%2FIvNX7pOZUuQHp3ICVprbUonSsUuUVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 64e019dc0f172b29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ffee7d8400002b292a9c2000000001

GET
H2 200 /
stats.vlitag.com/abd/ 0
289 B 136ms
128ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/abd/?id=adf050ece17b957604b4bbfc1829059f&detect=notfound
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M1xccKgFj%2FOIaSPVYv6WObCIH%2FuyTye6BkgEtXVsADQ%2B8tDhTbfzk1DhaYF92ARKWcwjdzezDbJcfVKC7%2F9c5KVbCxFwJytIPPdOWhvn3sN3GwNtJgNTGANtRe6L"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 64e019de29bd2b29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ffee7ee600002b2972971000000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 40ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 137ms
122ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4441367774568930&correlator=1078872673701408&output=ldjh&impl=fifs&eid=31061018%2C21068031%2C44740387&vrg=2021050601&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=307492156%2C12825_Pastebin.com%2C12825_Pastebin.com_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&prev_scp=vli_adslot%3D50008%26vli_adtype%3Ddisplay%26hb_width%3D160%26hb_height%3D600%26vli_sf%3D0%26hb_pb%3D0.00%26hb_adid%3DcustomAd_63efa928-5c94-498e-b612-dbe00eddb3c6&eri=1&cust_params=hb_domain%3Dpastebin.com&cookie_enabled=1&bc=31&abxe=1&lmt=1620785326&dt=1620785326226&dlt=1620785324263&idt=1206&frm=20&biw=1600&bih=1200&oid=3&adxs=1229&adys=439&adks=3116884977&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x0&msz=160x0&ga_vid=861194447.1620785325&ga_sid=1620785326&ga_hid=1797356772&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2d113a078956cd704ffd839ec0a41a59c945be47acffde13c9065b718f2ae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4676
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
13ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 30ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 129ms
129ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4441367774568930&correlator=2504074011235955&output=ldjh&impl=fifs&eid=31061018%2C21068031%2C44740387&vrg=2021050601&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=307492156%2C12825_Pastebin.com%2C12825_Pastebin.com_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x250%7C970x90%7C468x60%7C970x66%7C930x180%7C950x90%7C960x90%7C750x100&fluid=height&prev_scp=vli_adslot%3D50010%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D250%26vli_sf%3D1%26hb_bidder%3Dnobid%26hb_adid%3D51e50ca29d0abb6%26hb_pb%3D0.01%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dpastebin.com&eri=1&cust_params=hb_domain%3Dpastebin.com&cookie_enabled=1&bc=31&abxe=1&lmt=1620785326&dt=1620785326312&dlt=1620785324263&idt=1206&frm=20&biw=1600&bih=1200&oid=3&adxs=225&adys=58&adks=2121424616&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=861194447.1620785325&ga_sid=1620785326&ga_hid=1797356772&ga_fc=false&fws=4&ohw=998&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d86b9d71d5b5a4ad7b5ae6dbc405e0d0e91676a6cff5a73ff1ecd4122f5ee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6506 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 02:08:46 GMT
expires: Thu, 12 May 2022 02:08:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:46 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04410f7285bf09b04dab9746d0ba4606ee579da0766f98e5dc1fe2a4e230c8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7576
x-xss-protection: 0

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6506 0
0 43ms
42ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COOQLrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBOsBT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLr84356EEtasRHYBHQsXCatgMOAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjWACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTAzNTA4Nzc5MjY5Mjc3NQ&sigh=7DFsvclHKAo
Requested by: Host: t.co
URL: https://t.co/9Vk8hb9h3x
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame 1CE4 2 KB
2 KB 37ms
12ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Requested by: Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 9a4501a2c284aa91185245a19981c7b68ba3c538a06eaa018a03ce6248a3a9c5

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.13.4
Date: Wed, 12 May 2021 02:08:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; SameSite=None; secure; Expires=Thu, 12 May 2022 04:08:46 CEST RTBUserId-Old=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; secure; Expires=Thu, 12 May 2022 04:08:46 CEST RTBUserId-Plain=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; Expires=Thu, 12 May 2022 04:08:46 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 6506 2 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:12:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6506 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 6506 13 KB
6 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:27:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6506 0
0 38ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuhPksN7aA8smCWIs67arCdu6fyJ5ivlpnm6fWc-BZ0Is8qG9RLc6FzktCX6qOKCj_gjHi
Requested by: Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6506 22 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 09:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59890
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 09:30:36 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:46 GMT

GET
H3-29 200 container.html Show response
18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 62FB 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 02:08:46 GMT
expires: Thu, 12 May 2022 02:08:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3ADB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 11 May 2021 21:18:12 GMT
expires: Wed, 11 May 2022 21:18:12 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17434
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6506 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eb6694a1b92dea23107429c76ada074cae954ddc68e21c6ba9eb3755279f827

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 1CE4 3 KB
4 KB 35ms
12ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 62FB 0
0 42ms
42ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmGmArjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBOsBT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyOd02SmEn1rA5q7zgjBTLPm6mOAEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1gAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTkwMzUwODc3OTI2OTI3NzU&sigh=Zo-gfuhsx74
Requested by: Host: t.co
URL: https://t.co/9Vk8hb9h3x
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame 5942 2 KB
2 KB 13ms
12ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Requested by: Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 4970df27e4c5b1d6a51953ab17859881564ef3cd84fce557096b9295db0e7e01

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: RTBUserId=ff60c67f-6142-4e7a-bd36-bbce98a85107
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.13.4
Date: Wed, 12 May 2021 02:08:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; SameSite=None; secure; Expires=Thu, 12 May 2022 04:08:46 CEST RTBUserId-Old=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; secure; Expires=Thu, 12 May 2022 04:08:46 CEST RTBUserId-Plain=ff60c67f-6142-4e7a-bd36-bbce98a85107; path=/; Expires=Thu, 12 May 2022 04:08:46 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 62FB 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:12:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62FB 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 62FB 13 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:27:38 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 62FB 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 09:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59890
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 09:30:36 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ADB 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 06:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 69824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Wed, 11 May 2022 06:45:02 GMT

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 5942 3 KB
4 KB 15ms
10ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H/1.1 200
OK w7xcjkjo73jw Show response
ad.ad-srv.net/zone/ Frame 1CE4 11 KB
4 KB 40ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/w7xcjkjo73jw?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146056%2526t%253D1620785326439%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0004-d37e-0a77-8b197d07aa5e%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0c8ce257512560d957555fce841fc64437094bb244e4f5b3aab05fda78872c03

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3500
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 8e93336o9ddx Show response
ad.ad-srv.net/zone/ Frame 5942 11 KB
4 KB 34ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/8e93336o9ddx?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146072%2526t%253D1620785326638%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0005-e22b-0ae0-25ca59038aa8%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3f78cd61d380c2d6ba5ea4ff14f0cabae4c618e01496bc9963e2e30900bd57d8

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3501
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 62FB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c1f038bf47b3a935ec61ce40e0d7a4be53dcc46b8d995c7710ead6336c68db

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

request.php Show response
ad4.ad-srv.net/ Frame 1CE4
Redirect Chain

https://ad4.ad-srv.net/request.php?zone=w7xcjkjo73jw&nw=14&renderingType=javascript&namespace=82d69d976c&subid=&uid=314b4bce2ab31181&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x60...
https://ad4.ad-srv.net/request.php?zone=w7xcjkjo73jw&nw=14&renderingType=javascript&namespace=82d69d976c&subid=&uid=314b4bce2ab31181&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x60...

0
548 B

58ms
36ms

Script
application/x-javascript

138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.ad-srv.net/request.php?zone=w7xcjkjo73jw&nw=14&renderingType=javascript&namespace=82d69d976c&subid=&uid=314b4bce2ab31181&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146056%2526t%253D1620785326439%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0004-d37e-0a77-8b197d07aa5e%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=1698255187724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 90083100015256401324215011592004
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:46 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=w7xcjkjo73jw&nw=14&renderingType=javascript&namespace=82d69d976c&subid=&uid=314b4bce2ab31181&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146056%2526t%253D1620785326439%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0004-d37e-0a77-8b197d07aa5e%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=1698255187724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:46 +0200

GET
H/1.1

200
OK

request.php Show response
ad23.ad-srv.net/ Frame 5942
Redirect Chain

https://ad23.ad-srv.net/request.php?zone=8e93336o9ddx&nw=14&renderingType=javascript&namespace=0678a89193&subid=&uid=e6a9c643e7b4eb9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...
https://ad23.ad-srv.net/request.php?zone=8e93336o9ddx&nw=14&renderingType=javascript&namespace=0678a89193&subid=&uid=e6a9c643e7b4eb9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...

0
548 B

58ms
36ms

Script
application/x-javascript

78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad23.ad-srv.net/request.php?zone=8e93336o9ddx&nw=14&renderingType=javascript&namespace=0678a89193&subid=&uid=e6a9c643e7b4eb9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146072%2526t%253D1620785326638%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0005-e22b-0ae0-25ca59038aa8%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=2213670530245&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 38134000011841601324213011592023
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:46 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8e93336o9ddx&nw=14&renderingType=javascript&namespace=0678a89193&subid=&uid=e6a9c643e7b4eb9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146072%2526t%253D1620785326638%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38ae-0005-e22b-0ae0-25ca59038aa8%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=2213670530245&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:46 +0200

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 5004 91 KB
91 KB 14ms
13ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050601&jk=4441367774568930&bg=!FhWlFVHNAAY59bwoOfU7ACkAdvg8Wo9qnQmgDT6ayxwBSlIgmHmgcJ3NKNAQMt9RiO-OFXltA6zUlwIAAAB_UgAAABRoAQcKAVT6u0xMITZfzTUu8TBM-A3veJTUzO4QpzIPcMO2kv4RuKdrGc98ltpNjCiP0Zy8F1inBz5w-Yeb4i9y4d7Bip0OPmIhmtUFFWp4YZetk_etoi1a72Xir3qkFx_vHpmi5ijk7wJ6FqwcICLRzyTd0cCVaQsEBZOWWwbmApxk0TsrSoRIWV760OM8S712icWaHjePLx9d94Jmf_vr9GtsYUhmVqwqJqIWjN3lLEbycManaQ6Y1laJlg9UOcY5V_Y1G5zJMvY0xOYhf6q-frxzyZGMJWCO-ZtHWFVZbWji3DYeHmQMwiNjm1cTMKyeivTsGTo3wtfXlRwjqEeFjGK837QZ2bEQjOWtQiFvgkjE4iMx5XO-hadrio3Z9rcbep3cAgNXoaaXoxFR6jN_mRRsoMUXRCY5sfCUnVbimo9TNxoxmPqUmcy69mvVQAnrSOBLnCZBH7fLmQI9Y3ugJpElnxzW4mxHcxEYvFLwTkFDQ9GFkEeQdWUUaI-3I0rI1G6zNwElTLONeJ-L9AmI3oVVnAlx6vmNg8j_3zkCRt3HScfxxVGxlLdkgWFXXYnXryd1uN6ceZ-KFZtfba8OVvca6yosYo6KDa7zfxomm4CVE9xmxqgJIW3zgxVDEg5PwHGJbTZInYAbXTA5sueUiqEXy2-3mnP5ppyVmHNRaj3hOQcgEEhBsUQPPhYZCbdRjGpIkkJFfsBust3pulojlOOxAkVqlVEBd-piF9VylSiSm-_Ybt0Z8OJUp5HTTqfVCVECjKL-rWt1unAN0cJv1hgngyS2Ji_s-FDaLYiETq0JhGOthRS3Id9cBT6DDHNs5VsOsEtWJ-Qj7SRW8IEAJwMcE2YylSM0G3w02g5xj4QSidGujMkGAsLXTnEaXzKDE2aBnn0un_2q8ZDU8sxPxBsL2Am5ztBOEpwZre1zlqM9Zbj4m0eexWb47GvC5ZhHDkaod2F3SYQV_uhiG54V3Zo8rlUxJHuEYhW8qSesEf7NBsU_cufrncUnx_G8iYPh1qa9lzLpPV-R-YSYKphiR23-x4MWcZ4l5xdVZoQBtlcXQa4UgbqLkE4AMq3ED2IFG73tzyt4hsLfuNsvkHR72s_K6Qmohw5Fyj0pFCt1dxPoLyomCfABskU1-8AfjevkoH29iOyzFlY31zHsK0ylRUxfIYuEYZdWftJs36n9w-lJry2E2r8Pz9-62Szjpyo18H-hCojjX7Bc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame EB36 91 KB
91 KB 10ms
10ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 12ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:46 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 10ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
754 B 40ms
38ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 789a10c8af65f41361fed4bd112571fd608d7db4c29383c0e50e09d3344325fc

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
832 B 11ms
11ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e298b9a1686be46040b317fc736462ee6d0c1b648c3c6a4cc72ba8b16def2dc0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:47 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: eaf1e5cf-9356-407b-b410-2a213a27335a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
550 B 73ms
71ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3483
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:47 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
139 B 100ms
98ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:46 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 9
vary: origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
643 B 41ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2261c3d7393fca80a%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=6dd7ae1c-8568-4b3b-9cfa-91f5b202407e&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

c9e1bd4fc3d00108a814613203917491ce5b02d8e9bbac69f9b218d69689bdec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:47 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 19ms
18ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:47 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 14ms
12ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 4bd68cc6deabbd4a0250bb64af6179bc63335a3de9656f470edcb5c3ec1da9b7

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
839 B 16ms
16ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

735dce697d3957ddff56c04a75303349d4ac7e4a21409f02cb3832e1c782b8e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:47 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid: aabb7be9-4672-44d0-bd2e-fcc898239f75
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 30ms
30ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:08:47 GMT
X-SMT-SessionId: a4620564-e6cd-4705-a959-63dca5f80cad

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
389 B 198ms
198ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:47 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ali2GbW6w%2BmsKikuc3ZLUB2aBIJ3GA5L8VBE9S1HRcLGi9GRZej3KwMV9vptYFYckGX5xJM8jg8myLfCwNITUzPIosquV9DjpruQVZQ4VlZpMq59iX2ADBwIIo524EXytg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e019e87e20178a-FRA
cf-request-id: 09ffee85480000178a37bd0000000001

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 552 B
871 B 23ms
22ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 12824eb73f206223d2b2b6650c23198a60b5d1e1e21497cf479e5bd2e3ad8aad

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:47 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:47 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 65ms
62ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=2&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:47 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0Y_awNc1iUooYo73K17aebz3KEcr3gBluNDmw9Z_VSvJVgQ6xU72vw==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6506 42 B
64 B 54ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD1LSmjjMtjzxc9P7FGWv7uUJeeaMpfYm2IEuombzxKG71VcsDhso1l8w4oNyo85P35M5nP6ijfEtcHhJ8Jzo4xpJF09Ex&sig=Cg0ArKJSzLTDk-DBMw4EEAE&cid=CAASF-RomTdmVJZFSVqRNxcY7scAkpByDGHF&id=lidar2&mcvt=1000&p=439,1229,1039,1349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3116884977&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620785326386&dlt=19&rpt=219&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 62FB 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHrNGIdqx2MPLEdcW-5zcOGD40BNPQWuvbQuPbGSdLOdzsB4eP3_v8tizmgeN5aJXUZxdN9InAcMPUTQz4dI64iLoSG37L&sig=Cg0ArKJSzLG4PFZH_OccEAE&id=lidar2&mcvt=1002&p=58,225,148,953&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2121424616&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620785326501&dlt=83&rpt=4&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 17ms
17ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 613 B
997 B 41ms
40ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b5bb5228fb21d75ce7f65efb06997026aaaaf439dd3b170dc07ef41beebefc06

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.70:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6913e54c-74b9-4322-9136-414070f56269
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 606 B
1006 B 18ms
18ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40c3099d12e31caf52e11b88ac9ff0f4771b67f0ad0886397ce6581012fbc9d3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.248:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c86136d1-4050-4e4e-b90f-d6cd0dc2b395
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
141 B 147ms
147ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:47 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 58
vary: origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
541 B 61ms
61ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9437
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 622 B
940 B 23ms
22ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2df513efbfc7f80991faf27d57f10de8ab0a1b65115a348d36b436b3ba6f3f84

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:48 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 622
x-sid: AMS-602

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
757 B 55ms
54ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: e37042897245fee4b463299185e8f48878ba4f6ab4f5275d3b7d8a1fa1f57291

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
396 B 295ms
295ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f464hd5CkmOPAm1xgE0XJKYWt%2BQNaj1U5%2FwXIxwSUj9pAd0Lq7WzW8xnLgjzfHQZ%2F0Q0I1ZQ7c6D8mjs1z6%2BGclVqxt0z5tl%2FyLNPcxW%2FmNZjeQLCeF6HUm736YK6sslFg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e019eedd3b178a-FRA
cf-request-id: 09ffee894c0000178a4a879000000001

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 183 B
674 B 61ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212318a8bd21d6367%22%3A%22d398e3afd25fd75bf33c%7C300x600%7Cf%3D0.01%22%2C%2212482361f30ba4b%22%3A%22d398e3afd25fd75bf33c%7C160x600%7Cf%3D0.01%22%2C%221255b030d833bc5f%22%3A%22d398e3afd25fd75bf33c%7C300x250%7Cf%3D0.01%22%2C%221265e27170e24d26%22%3A%22d398e3afd25fd75bf33c%7C970x90%7Cf%3D0.01%22%2C%2212784ea73039cd61%22%3A%22d398e3afd25fd75bf33c%7C728x90%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=ffdc9ef3-7316-4971-97ba-2cab7c4b1289&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

805725730b8db95e7673f53dd5a7d5d89cee7a84829424dbcaa03c00f56ae523

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:48 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 151
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 14ms
13ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a40b18f0075&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 3794f1022369992e03064327ddb260e42bc75e1378546bf5b53b9af2754a2b1d

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 31ms
15ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 8a6000c451ee4c5fbd9ca50c256a95b285d4a0b7b83dd4a51ee92594686512f8

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 30ms
14ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: c96088debed5974460654aae2cb20f18ef11aa870a9cd9dcbd36939487f6f97f

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 31ms
15ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 1c5468d5c4f09ce6021eaea93026f2954397cb3ace4c76a053d6bfb8e2c3954b

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 30ms
29ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:08:47 GMT
X-SMT-SessionId: 03527d90-4f4f-4811-8df6-353b972f961f

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 69ms
66ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=3&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F307492156%2F12825_Pastebin.com%2F12825_Pastebin.com_SmartBanner_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F307492156%2F12825_Pastebin.com%2F12825_Pastebin.com_SmartBanner_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F307492156%2F12825_Pastebin.com%2F12825_Pastebin.com_SmartBanner_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F307492156%2F12825_Pastebin.com%2F12825_Pastebin.com_SmartBanner_1%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Mm-ei1HxqpGsNx5mWwwXxH1dreLTR4ATlHee-FoFJCX_d5Qqv9de-Q==

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame EBB8 5 KB
2 KB 17ms
16ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: c2c059fcaa6f0a64235657ea78c894a2d994cfff3d0cf148e88be82a459fd45f

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETsw%2BSqDk0%2Fh%2BSMs3Z79pkc9o3tDZ6b23e%2B8HkdBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame E804 4 KB
1 KB 146ms
135ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c690316256340da4dca67f32aedcd23790b5aad29abb0139b16be0d2012569

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
set-cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d; expires=Tue, 01 Jun 2021 02:08:48 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a1d0000178a359b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zBCo5pf3nZQuR85okT2cRDOhsxuXDM8Ot%2FWT%2FnhtUmx8kMALHT6Ndbp3kAF%2FJ7FlsdPu0d5gpFdHaiaqNWVEKmlwkFif9WOtod5uxDqMoAf1YwudxWVc5mhjOtYoCHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64e019f02ed4178a-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AE17 52 KB
17 KB 54ms
6ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19141-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 509637
X-Timer: S1620785329.709015,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3B9A 52 KB
17 KB 59ms
12ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19142-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 504942
X-Timer: S1620785329.709542,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 1BCF 5 KB
2 KB 40ms
12ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6727659e91c28aa3b1cf831d90512144017d648b83bf100b9768a4596a970b31

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Sat, 08 May 2021 00:21:18 GMT
accept-ranges: bytes
etag: "35ccbcf29835ff250ea489f183e659fe"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: jq77v2r9D6D3t+ZgfU9y0VTL9CwixdS4JXz+IapF55wgY8sudNsFbIioe2gibqpmP95+Yg/4AhQ=
x-amz-request-id: 9NT1760M4JN4AYSP
x-azure-ref-originshield: 0wjGbYAAAAAAxy9rgXVPTRb1hqfwx/x40TE9OMjFFREdFMTUwNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0sDibYAAAAABvTdE/KHGlQIxt3Q6ae/GIRlJBRURHRTEwMjAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7248 52 KB
17 KB 53ms
8ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19132-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 515488
X-Timer: S1620785329.709509,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame 693B 5 KB
2 KB 22ms
21ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 0157781b2f506dc183a2201d4ed21cd8caf707445623c08f0f7dfccc86ff9bfa

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxd0DsSwCAIBNC7WKcQlM%2FmapncPdGxYcvnwAo8Tdotrj1DQvNq7tsCTCxr5agMqZZOpvY46QNdlgFErfhfkjJooqQ%2FkmbKSTYy59EESnnq50Kath11h0F5k%2Fonqo3qrez7fpLHT6c%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame D557 4 KB
1 KB 134ms
132ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0488f295b5fe0bbb1a1d04c386260aecda6de5c10e0666d8fc2fa695dada7bbe

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
set-cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d; expires=Tue, 01 Jun 2021 02:08:48 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a1d0000178a4a882000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VAPsZfQsTx6RrE4EJ%2FYZZYERuYXiHa4nGC6SH%2Fngjwgy6HUg6c0V8%2FWqtaby1g3hzW7ZxcZ3CNmeDAhkmSeP9VR7YO09eF8UrvHpRqJ2sXQYrm2LSGgL9dRw63MFoQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64e019f02ed6178a-FRA
content-encoding: br

GET
H2 200 / Show response
spl.zeotap.com/ Frame BF32 8 KB
2 KB 143ms
35ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcab4e852308dd6e2c8243a9490ee1612bf23b571f08dcf6d902c04b7c9c09e

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://pastebin.com
set-cookie: zc=fef7a499-cbf2-488c-52d6-2fb9bab45c86; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=8%A1%9D%91%83%E4xO%3C%DDF%B2H%E9%24%A15DE%1B%F6%A7F%FF%1D%95%F5d4r%14%D8%0DG%B2%17E%FE%7B%F7%BC%CC%AB%1F%A4%1FoM%E9N%F5%A3%7D%19E0%E2%CFG%E1%D4.%F2%9F%136%2B%23Pa%25%E6%CF%9A%98QQ%89%FA%1Cxak%B5%E4%0B%A6%91%C5%A5%11%3F%9Bzd-%00%BF%27%07%84M%11M_%DB5%3C%BD%B06%3Bi%27%99%DE%03%8C3%84%ED%E0%8E%10%98%03%18z%FDZ%3B%23%11%3D%D8%C4z%D7%E5%B8%B4l%04%90%823C%17%C6l%5Bz%FEW+%89%1D%ED%D2%E6%C6%88%A6%FB%0C%26%D2%10; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a8700004e614517f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f0da894e61-FRA
content-encoding: br

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 1E9A 5 KB
2 KB 31ms
13ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6727659e91c28aa3b1cf831d90512144017d648b83bf100b9768a4596a970b31

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Sat, 08 May 2021 00:21:18 GMT
accept-ranges: bytes
etag: "35ccbcf29835ff250ea489f183e659fe"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: jq77v2r9D6D3t+ZgfU9y0VTL9CwixdS4JXz+IapF55wgY8sudNsFbIioe2gibqpmP95+Yg/4AhQ=
x-amz-request-id: 9NT1760M4JN4AYSP
x-azure-ref-originshield: 0wjGbYAAAAAAxy9rgXVPTRb1hqfwx/x40TE9OMjFFREdFMTUwNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0sDibYAAAAAAnAhxe8OlfTq3m9tJDwahCRlJBRURHRTEwMjAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4301 52 KB
17 KB 79ms
43ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19140-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 515711
X-Timer: S1620785329.709204,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 880B 8 KB
2 KB 139ms
35ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6478c0866507dd50c9ba14e01c4a35a480f42cdef670156398c1dcd932282d74

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://pastebin.com
set-cookie: zc=0c56a2c1-d060-4acd-549c-17129dc7b69b; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%3A4%E5%B9+%B6%1D%C3%A7%27%FD%3Cc%FEE%DFK-GgN%8DE%A4%D2%04%AA%BF%F0%F1%5B%A7%BCW%FF%0Au%CE%C6%5C%E67%05%BF%CDx%9EC%B4%11Q7Z%F1%CE%E3%A1%1A%A6%01%28%E6S%DD%BE%91%09%A7%D1%0D%07%8A%8E%5E%10l%7C%A4%D4%28%F3z%60%D4%F3W%23q%D8%02%A3%93%FD%85%1E%0D%A7%2C%94R%1B%AA%DD%1AY%FC%3A%2A%FDN%A1%D9%29%B3%0B%10%ACdA%93%DE8%95%C6%9B%A2b%E2%A1%8C%E8%92%26%C0%EF%A1%7F%AA%F2%FC4%9Bo%97%F7u%D8%DE%C8%3E%B2b%99%E1%FC%D5%F3%3D%1B%F9%262%3A%D7%96%8D%92%9D; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a8800004e6127b1f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f0da8c4e61-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 685E 52 KB
17 KB 78ms
44ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19149-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 503775
X-Timer: S1620785329.710482,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame ABDE 5 KB
2 KB 27ms
12ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6727659e91c28aa3b1cf831d90512144017d648b83bf100b9768a4596a970b31

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Sat, 08 May 2021 00:21:18 GMT
accept-ranges: bytes
etag: "35ccbcf29835ff250ea489f183e659fe"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: jq77v2r9D6D3t+ZgfU9y0VTL9CwixdS4JXz+IapF55wgY8sudNsFbIioe2gibqpmP95+Yg/4AhQ=
x-amz-request-id: 9NT1760M4JN4AYSP
x-azure-ref-originshield: 0wjGbYAAAAAAxy9rgXVPTRb1hqfwx/x40TE9OMjFFREdFMTUwNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0sDibYAAAAAB4Kf4XT6wbRYJZmWjh/G3ORlJBRURHRTEwMjAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 647F 52 KB
17 KB 76ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19158-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 497671
X-Timer: S1620785329.710198,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D012 52 KB
17 KB 107ms
11ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19142-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 504943
X-Timer: S1620785329.777615,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 9878 4 KB
1003 B 136ms
130ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce0b0885121e67a4166bc1d1822dcfff84f89eb12e27f66244c0b3406d6cc73

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
set-cookie: uid=e3038676-1b4a-4763-8ff7-3e3cb9d61d7d; expires=Tue, 01 Jun 2021 02:08:48 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a310000178a43bcf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E3XYryb9HsHoXpSo3glOdhdXWBQRDTbIlKlMGPP4VLvO0y3PS9%2BOVz9XTcSNf25uNe%2Bx7DlrLFwXyjiSRHME7jA6rl7g4Dc1Qysa9yO9bFvxtNoEpNVzA8ChfubVYiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64e019f04efa178a-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C290 52 KB
17 KB 101ms
12ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 02:08:48 GMT
Age: 76227
X-Served-By: cache-lga21963-LGA, cache-fra19141-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 509638
X-Timer: S1620785329.777421,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 35F7 8 KB
2 KB 123ms
36ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5ec4d3cdd482b81846d4939a8f789a00d3042a74ac9efd538e81912458811d

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://pastebin.com
set-cookie: zc=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%AF%F8bJ%85%F7%FAo%BF%8BH%CA%5D%FEz%FA%8D%F5Dv%9BUm%C2%0F%FBX%18%C22%8E%83%22%19g5%E8Vr%21%26%2B%83%CE.%97p%B9%F9%DB9%1FI5k%D4A%FE%FEM%A0%F9P%0E9%5D%DD%FD%92le%B0%8Cr%8D%CB%01_%A5%C0%DB%D7%C75H%AEl%FE%B5%09%E2k%AE%0C%5DL%C7az%E2%C6%F4C%C3%FBYC%9B%EC%F3%CE%D9%24%2B%1Dw%9A%81F%D0%BD%F0%00Uw+%18%2B6%40%B6%86%015%AB-%28%3EAj%E6%F6%60%14%93q%F4%80%B2%BFl%94%A7%C7B%9A%A6%BD%91%C9%B2%CD%AA%C3%C0%A9%3D%A7; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a8800004e614e8f4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f0da904e61-FRA
content-encoding: br

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame C63A 5 KB
2 KB 54ms
44ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 45d671e88facb8a7d1b4060a4d34ee1c488860605f8127c1c3d3c4e2210482d5

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxd0DsSwCAIBNC7WKcQlM%2FmapncPdGxYcvnwAo8Tdotrj1DQvNq7tsCTCxr5agMqZZOpvY46QNdlgFErfhfkjJooqQ%2FkmbKSTYy59EESnnq50Kath11h0F5k%2Fonqo3qrez7fpLHT6c%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxd0LsRwCAMA9BdqFNggz%2FKarnsnsDRWOXjjJB5mrRbXHuGhObVdFOAiUX36lEZUi2dTHFx4ga6LAOIOvGfJGVQhaQ3kjrlJBuZ86iBUp76%2BSFN2466w6C8Sfcnqo3mrez7fpJQT6c%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame D70D 5 KB
2 KB 51ms
45ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 486bc077db1ffd782f8b1cd1d296e65f08d66e753ffaa465f6e626c3d9a50cb3

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxd0DsSwCAIBNC7WKcQlM%2FmapncPdGxYcvnwAo8Tdotrj1DQvNq7tsCTCxr5agMqZZOpvY46QNdlgFErfhfkjJooqQ%2FkmbKSTYy59EESnnq50Kath11h0F5k%2Fonqo3qrez7fpLHT6c%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:48 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 59FC 5 KB
2 KB 43ms
41ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6727659e91c28aa3b1cf831d90512144017d648b83bf100b9768a4596a970b31

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Sat, 08 May 2021 00:21:18 GMT
accept-ranges: bytes
etag: "35ccbcf29835ff250ea489f183e659fe"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: jq77v2r9D6D3t+ZgfU9y0VTL9CwixdS4JXz+IapF55wgY8sudNsFbIioe2gibqpmP95+Yg/4AhQ=
x-amz-request-id: 9NT1760M4JN4AYSP
x-azure-ref-originshield: 0wjGbYAAAAAAxy9rgXVPTRb1hqfwx/x40TE9OMjFFREdFMTUwNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0sDibYAAAAACYKjgKVzaITKjLpNM9JbV6RlJBRURHRTEwMjAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Wed, 12 May 2021 02:08:48 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame F919 8 KB
2 KB 93ms
28ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1937562c26990421576392465d79e22dc9b0ec19d189e38df84d6629b038da43

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://pastebin.com
set-cookie: zc=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%C4%5B%D1%0Eu%83%84%CC%0F%3C%E2%FF%08%3EW%2Fu.%BDap%8DJ%A1l%D8A%DF%D0G~%1BR%BCcO%FCA%88%2BU%8E%D2%D4%E3%BF%9B%2C%F6%2F%C1%BFl%16%9Ai%FE%0D2%F5_%13rY%EC%B7B%89I%F2%FAj%0F%27%B68%02%17%FF%13%60~1%913%EF%ECR%C4%AB%5E%2C%A1%08T%00%90%AEE%8B%B3d%1D%D3%22%ACd%D5%05%7D%C9%D3%14%E5%01%FEa%B7%B7%D9dR%868%B5%DCyj%5DU%DF%C3%A27%40%97%AE%E3%BF%AF%0D1%CDH%87%DB%CA%13%CAe%07z%2B%E2%7Co%28%26%84%9F1%DC%86n%FC%C6%C9%AC; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8a8800004e611fb9b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f0da924e61-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dc8b7770695c379e0%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=c8b7770695c379e0&uid=dfcd2b4a1a4d93e58baf189a

42 B
104 B

7201ms
25ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=c8b7770695c379e0&uid=dfcd2b4a1a4d93e58baf189a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=c8b7770695c379e0&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D5c7964b1f9d199ce%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5c7964b1f9d199ce&uid=dfcd2b4a1a4d93e58baf189a

42 B
103 B

7135ms
25ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5c7964b1f9d199ce&uid=dfcd2b4a1a4d93e58baf189a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5c7964b1f9d199ce&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Ded7cf83d6b43b889%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ed7cf83d6b43b889&uid=dfcd2b4a1a4d93e58baf189a

42 B
103 B

7137ms
26ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ed7cf83d6b43b889&uid=dfcd2b4a1a4d93e58baf189a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ed7cf83d6b43b889&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5374663014
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5374663014
https://sync.1rx.io/usersync/tradedesk/20cb7bc9-a44b-4632-bad6-7f9939c54c11
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D8955%26uid%3DRX-0f1f7a4a-cfb6-4fe4-bba8-...
https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

0
303 B

86ms
29ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729

43 B
1 KB

1123ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729
Date: Wed, 12 May 2021 02:08:48 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame EBB8 0
239 B 158ms
14ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1 KB

1152ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EBB8 0
239 B 415ms
99ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame EBB8 70 B
265 B 209ms
27ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame EBB8 43 B
145 B 156ms
7ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=f0Dl23pIvolkFLncfkPx3yhH5I9kRuqNLBZ9H2P9

43 B
1 KB

1107ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=f0Dl23pIvolkFLncfkPx3yhH5I9kRuqNLBZ9H2P9
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=f0Dl23pIvolkFLncfkPx3yhH5I9kRuqNLBZ9H2P9
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121

43 B
1 KB

1173ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Date: Wed, 12 May 2021 02:08:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame EBB8
Redirect Chain

https://um.simpli.fi/lj_match?r=1620785328666&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

12ms
12ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:48 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Wed, 12 May 2021 02:08:48 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 11 May 2021 02:08:48 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame EBB8 0
0 144ms
15ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
1 KB

1172ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT, Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame EBB8 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=dfcd2b4a1a4d93e58baf189a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b

43 B
1 KB

978ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-16-145.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd2b4a1a4d93e58baf189a&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=578067915925

43 B
1 KB

108ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=578067915925
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=578067915925

GET

pixel
cm.g.doubleclick.net/ Frame EBB8
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=dfcd2b4a1a4d93e58baf189a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=

43 B
1 KB

968ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 02:08:51 GMT

GET

pixel
cm.g.doubleclick.net/ Frame EBB8
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame EBB8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

4250ms
32ms

Image
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET svr
match.prod.bidr.io/cookie-sync/ Frame EBB8 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EBB8
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
3 KB

1380ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 324E 8 KB
3 KB 144ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86955
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 959F 4 KB
2 KB 232ms
35ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20bb8621aa920deeba706db4da039d76799cad695183caa28e3276e7c772de84

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_984e4dc3-7ca4-4447-ad35-2874e729ffb8; Domain=.gumgum.com; Expires=Thu, 12-May-2022 02:08:49 GMT; Path=/; Secure; SameSite=None
etag: W/"0f4b8c5a5f2e6fe6bc35861c3692edc92"
timing-allow-origin: *
content-encoding: gzip

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame 13EE
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...

776 B
778 B

26ms
14ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: fbb8121e416a7d046385b89926ea346aba498de4c479d000b6938dff806e1836

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620785329|gekin0vNiygu; Version=1; Expires=Thu, 27-May-2021 02:08:49 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=eed5b76e-38da-0605-34f9-1c96b27eb1f9|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date: Wed, 12 May 2021 02:08:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA9F 8 KB
3 KB 82ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86955
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame F039
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=

43 B
1 KB

1085ms
19ms

Document
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:50 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7821555926461107471;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7821555926461107471; Domain=.turn.com; Expires=Mon, 08-Nov-2021 02:08:48 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
content-length: 0
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121

43 B
1 KB

1114ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Date: Wed, 12 May 2021 02:08:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 693B 0
0 145ms
31ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=dfcd2b4a1a4d93e58baf189a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b

43 B
1 KB

1090ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
server: Aorta/2.4.14-20210429.952e270
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-20-119.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 693B
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1

43 B
1 KB

1203ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 693B 70 B
264 B 192ms
27ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 693B 43 B
146 B 139ms
6ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1 KB

1136ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd2b4a1a4d93e58baf189a&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=578067915925

43 B
1 KB

113ms
17ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=578067915925
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=578067915925

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 693B
Redirect Chain

https://um.simpli.fi/lj_match?r=1620785328652&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

12ms
12ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:48 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Wed, 12 May 2021 02:08:48 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 11 May 2021 02:08:48 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 693B
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
1 KB

1175ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT, Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=dfcd2b4a1a4d93e58baf189a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=

43 B
1 KB

983ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 693B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

3273ms
29ms

Image
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-CXt61zNBpKUt1.gif
pixel.quantserve.com/pixel/ Frame 693B 35 B
210 B 19ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame 693B 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 693B
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
3 KB

1365ms
17ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET cm
p.rfihub.com/ Frame 693B 0
0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 693B 0
239 B 7844ms
100ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 693B 0
239 B 202ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame 8B8F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...

776 B
778 B

39ms
18ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: fbb8121e416a7d046385b89926ea346aba498de4c479d000b6938dff806e1836

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620785329|gekin0vNiygu; Version=1; Expires=Thu, 27-May-2021 02:08:49 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date: Wed, 12 May 2021 02:08:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 491B 4 KB
2 KB 226ms
35ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c73e0bbf11047aba41298c8ada882fb800cc71d9ebe70b91be4f30c0cd03c4fc

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9; Domain=.gumgum.com; Expires=Thu, 12-May-2022 02:08:49 GMT; Path=/; Secure; SameSite=None
etag: W/"0ff2206d6cdae830058696f5946869ba7"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0001 8 KB
3 KB 112ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86955
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 6ABD
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=3786330660337143055&gdpr=1&gdpr_consent=

43 B
1 KB

1072ms
16ms

Document
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=3786330660337143055&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:50 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=3786330660337143055;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3786330660337143055; Domain=.turn.com; Expires=Mon, 08-Nov-2021 02:08:48 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=3786330660337143055&gdpr=1&gdpr_consent=
content-length: 0
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 17A7 8 KB
3 KB 118ms
11ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86955
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 114ms
26ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2488004
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ffee8b1000004d8409a17000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ik1qbgZ80mu4RjXnAgzgoENT4ySeygR4f4mpSDsuXPA9YEThMtZA8zfM%2F5AWVI3WDH2VIuAaXW4tf%2F1YAAixNqGonjwEHP9zs7Fm%2Br3JVttJKoDU5vT3gxFQ4gIutQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64e019f1bc314d84-FRA

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 2B34 4 KB
2 KB 129ms
32ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f6baaca5d1451e3008fc67db6798e2adfd6ef84bab2beccb4a11373d9d6392cc

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_5172e14e-ae18-4ef2-8457-362412b70432; Domain=.gumgum.com; Expires=Thu, 12-May-2022 02:08:48 GMT; Path=/; Secure; SameSite=None
etag: W/"018e1facb3d009394b4e2697b79ab05f9"
timing-allow-origin: *
content-encoding: gzip

GET ps
pixel.33across.com/ Frame 7699 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1E38 2 KB
818 B 1304ms
10ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D3919%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D3919%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame D8B9 0
0

GET getuid
ib.adnxs.com/ Frame 1BCF 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 1BCF
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5534%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=310&cbimg=5534&uid=dfcd2b4a1a4d93e58baf189a

0
290 B

1617ms
30ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=5534&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=5534&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 1BCF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D10758%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7930618929
https://sync.1rx.io/usersync/tradedesk/20cb7bc9-a44b-4632-bad6-7f9939c54c11
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D8955%26uid%3DRX-0f1f7a4a-cfb6-4fe4-bba8-...
https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

0
303 B

85ms
29ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 1BCF
Redirect Chain

https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26cbimg%3D10484%26uid%3DNTV_USER_ID
https://ads.servenobid.com/sync?pid=322&cbimg=10484&uid=e1c6f786-d2aa-4800-aafe-1ac66c9cf3d8

0
297 B

1207ms
30ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=322&cbimg=10484&uid=e1c6f786-d2aa-4800-aafe-1ac66c9cf3d8
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: nginx/1.12.1
location: https://ads.servenobid.com/sync?pid=322&cbimg=10484&uid=e1c6f786-d2aa-4800-aafe-1ac66c9cf3d8
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 1BCF
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26cbimg%3D10318%26uid%3D%7B%24UID%7D
https://ads.servenobid.com/sync?pid=328&cbimg=10318&uid=c816c8a806fd607822340223744edcdd546f47bf

0
301 B

101ms
30ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&cbimg=10318&uid=c816c8a806fd607822340223744edcdd546f47bf
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&cbimg=10318&uid=c816c8a806fd607822340223744edcdd546f47bf
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame E6AD 4 KB
2 KB 106ms
32ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a99feb392c3a4053e2dc3401641f123b2fef404b9fddc31a0f1d14085868d0ec

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_5271eafe-9da0-481e-acb8-a3591dc9efb2; Domain=.gumgum.com; Expires=Thu, 12-May-2022 02:08:48 GMT; Path=/; Secure; SameSite=None
etag: W/"0f585f2b244560a354b766f11797e9139"
timing-allow-origin: *
content-encoding: gzip

GET ps
pixel.33across.com/ Frame 784F 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 720A 2 KB
818 B 1290ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D8539%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D8539%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame 0139 0
0

GET getuid
ib.adnxs.com/ Frame ABDE 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame ABDE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D1960%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=310&cbimg=1960&uid=dfcd2b4a1a4d93e58baf189a

0
289 B

1618ms
31ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=1960&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=1960&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame ABDE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D10142%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1133181339
https://sync.1rx.io/usersync/tradedesk/20cb7bc9-a44b-4632-bad6-7f9939c54c11
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D8955%26uid%3DRX-0f1f7a4a-cfb6-4fe4-bba8-...
https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

0
303 B

85ms
29ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame ABDE
Redirect Chain

https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26cbimg%3D5396%26uid%3DNTV_USER_ID
https://ads.servenobid.com/sync?pid=322&cbimg=5396&uid=b288d85b-3536-4833-8759-fb57aa8334c8

0
299 B

1232ms
54ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=322&cbimg=5396&uid=b288d85b-3536-4833-8759-fb57aa8334c8
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: nginx/1.12.1
location: https://ads.servenobid.com/sync?pid=322&cbimg=5396&uid=b288d85b-3536-4833-8759-fb57aa8334c8
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame ABDE
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26cbimg%3D648%26uid%3D%7B%24UID%7D
https://ads.servenobid.com/sync?pid=328&cbimg=648&uid=c816c8a806fd607822340223744edcdd546f47bf

0
301 B

32ms
31ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&cbimg=648&uid=c816c8a806fd607822340223744edcdd546f47bf
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&cbimg=648&uid=c816c8a806fd607822340223744edcdd546f47bf
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame C4A6 4 KB
2 KB 83ms
33ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57d91d47ae42219cd5fd8c74fae35dd90da4a670ea4242a89a5bbaf8c99b04d4

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Wed, 12 May 2021 02:08:48 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a; Domain=.gumgum.com; Expires=Thu, 12-May-2022 02:08:48 GMT; Path=/; Secure; SameSite=None
etag: W/"0fa4678371b5f3ccbbd10c79c5e317e23"
timing-allow-origin: *
content-encoding: gzip

GET ps
pixel.33across.com/ Frame B01F 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C90E 2 KB
818 B 1254ms
8ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D2129%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D2129%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame D705 0
0

GET getuid
ib.adnxs.com/ Frame 1E9A 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 1E9A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D9664%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=310&cbimg=9664&uid=dfcd2b4a1a4d93e58baf189a

0
289 B

1619ms
52ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=9664&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=9664&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 1E9A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D8955%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955899004
https://sync.1rx.io/usersync/tradedesk/20cb7bc9-a44b-4632-bad6-7f9939c54c11
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D8955%26uid%3DRX-0f1f7a4a-cfb6-4fe4-bba8-...
https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

0
304 B

84ms
28ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&cbimg=8955&uid=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 1E9A
Redirect Chain

https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26cbimg%3D8338%26uid%3DNTV_USER_ID
https://ads.servenobid.com/sync?pid=322&cbimg=8338&uid=378a69d7-27e0-4100-8538-c006684b6684

0
298 B

1207ms
30ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=322&cbimg=8338&uid=378a69d7-27e0-4100-8538-c006684b6684
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: nginx/1.12.1
location: https://ads.servenobid.com/sync?pid=322&cbimg=8338&uid=378a69d7-27e0-4100-8538-c006684b6684
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 1E9A
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26cbimg%3D593%26uid%3D%7B%24UID%7D
https://ads.servenobid.com/sync?pid=328&cbimg=593&uid=c816c8a806fd607822340223744edcdd546f47bf

0
302 B

955ms
30ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&cbimg=593&uid=c816c8a806fd607822340223744edcdd546f47bf
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:51 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&cbimg=593&uid=c816c8a806fd607822340223744edcdd546f47bf
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1

43 B
1 KB

1144ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C63A 0
239 B 7ms
6ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121

43 B
1 KB

1102ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Date: Wed, 12 May 2021 02:08:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=dfcd2b4a1a4d93e58baf189a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b

43 B
1 KB

982ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-22-20.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
1 KB

1085ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame C63A
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame C63A
Redirect Chain

https://um.simpli.fi/lj_match?r=1620785328080&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

23ms
18ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:49 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 11 May 2021 02:08:49 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame C63A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

130ms
31ms

Image
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame C63A 0
0

GET
H2 200 p-CXt61zNBpKUt1.gif
pixel.quantserve.com/pixel/ Frame C63A 35 B
210 B 19ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd2b4a1a4d93e58baf189a&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=578067915925

43 B
1 KB

99ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=578067915925
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=578067915925

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame C63A 70 B
264 B 46ms
34ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=dfcd2b4a1a4d93e58baf189a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=

43 B
1 KB

970ms
18ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 02:08:51 GMT

GET

pixel
cm.g.doubleclick.net/ Frame C63A
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H2 200 sync
x.bidswitch.net/ Frame C63A 43 B
145 B 20ms
10ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1

43 B
1 KB

1101ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1
pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT, Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C63A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1 KB

1068ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame C63A 0
0 285ms
13ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C63A 0
239 B 7891ms
104ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif

GET cm
p.rfihub.com/ Frame C63A 0
0

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 6F4E
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=

43 B
1 KB

1037ms
16ms

Document
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:50 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7821555926461107471;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7821555926461107471; Domain=.turn.com; Expires=Mon, 08-Nov-2021 02:08:49 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
content-length: 0
date: Wed, 12 May 2021 02:08:48 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FF08 8 KB
3 KB 14ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F5D0 8 KB
3 KB 15ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 792F 4 KB
1 KB 43ms
37ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9f36ab5756867fc7fbf6d3bc34f061da21d8f48d26b36d622c371272a437dd9a

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"081a289db67ad426d7c9c38d21f54ed72"
timing-allow-origin: *
content-encoding: gzip

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame A4F1
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...

776 B
778 B

30ms
13ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: fbb8121e416a7d046385b89926ea346aba498de4c479d000b6938dff806e1836

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620785329|gekin0vNiygu; Version=1; Expires=Thu, 27-May-2021 02:08:49 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=d3e74267-780a-025b-0002-ba366bd65559|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date: Wed, 12 May 2021 02:08:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame D70D
Redirect Chain

https://um.simpli.fi/lj_match?r=1620785328694&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

18ms
18ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:49 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 11 May 2021 02:08:49 GMT

GET

pixel
cm.g.doubleclick.net/ Frame D70D
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729

43 B
1 KB

1112ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871878969969599729
Date: Wed, 12 May 2021 02:08:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121

43 B
1 KB

1188ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=a45e64a1-6c06-4f84-946e-49fdc5a36121
Date: Wed, 12 May 2021 02:08:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1 KB

1144ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:48 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame D70D 70 B
264 B 36ms
27ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=dfcd2b4a1a4d93e58baf189a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b

43 B
1 KB

876ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:2924306c0d996554e309867824bbf26b
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-17-246.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame D70D 43 B
145 B 25ms
6ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1

43 B
1 KB

1048ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AAHc0U7BNnEAACtmSG3f2A&gdpr=1
Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
1 KB

1127ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame D70D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

4214ms
30ms

Image
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1

43 B
1 KB

1160ms
15ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=dNJNV81d9pAn6RTC9QDk&pi=sovrn&gdpr_consent=&gdpr=1
pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT, Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-CXt61zNBpKUt1.gif
pixel.quantserve.com/pixel/ Frame D70D 35 B
210 B 25ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D70D 0
239 B 22ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd2b4a1a4d93e58baf189a&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=578067915925

43 B
1 KB

91ms
14ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=578067915925
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=578067915925

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D70D 0
239 B 257ms
103ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D70D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=dfcd2b4a1a4d93e58baf189a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=c020609b-38b0-4000-b7ca-ccfb1ca56717&gdpr=1&gdpr_consent=

43 B
1 KB

981ms
16ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=c020609b-38b0-4000-b7ca-ccfb1ca56717&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=c020609b-38b0-4000-b7ca-ccfb1ca56717&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 02:08:51 GMT

GET

pixel
cm.g.doubleclick.net/ Frame D70D
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=ZGZjZDJiNGExYTRkOTNlNThiYWYxODlh

0
0

GET rtset
bh.contextweb.com/bh/ Frame D70D 0
0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame D70D 0
0 3408ms
13ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5753 8 KB
3 KB 18ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 22F0
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=

43 B
1 KB

1019ms
14ms

Document
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:50 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7821555926461107471;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:50 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7821555926461107471; Domain=.turn.com; Expires=Mon, 08-Nov-2021 02:08:49 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7821555926461107471&gdpr=1&gdpr_consent=
content-length: 0
date: Wed, 12 May 2021 02:08:48 GMT

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame D8A1 4 KB
1 KB 44ms
32ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9f36ab5756867fc7fbf6d3bc34f061da21d8f48d26b36d622c371272a437dd9a

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"081a289db67ad426d7c9c38d21f54ed72"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2B59 8 KB
3 KB 21ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame B967
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...

776 B
812 B

25ms
13ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?gdpr_consent=&informer=13427529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: fbb8121e416a7d046385b89926ea346aba498de4c479d000b6938dff806e1836

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3c7fb0ce-77f1-050e-0804-f50aad0f12b6|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620785329|gekin0vNiygu; Version=1; Expires=Thu, 27-May-2021 02:08:49 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=1430fa2c-c419-0f85-20b5-ade99a499bf3|1620785329; Version=1; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date: Wed, 12 May 2021 02:08:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D557
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a

43 B
334 B

140ms
127ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0tjHJuwQXKfn3oyssVvlnFdUFEvCcLgY1DEyafNyr972pWy0%2FC%2FJbDTPQTn0yTW5BbinfEqdHngeGOFVa2qCgaYqL4rCOkGe7ycbo0C4kgFbYYuaA4juWZSjPLikwNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f38a7b178a-FRA
content-length: 43
cf-request-id: 09ffee8c360000178a1a09e000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET us
sync.go.sonobi.com/ Frame D557 0
0

GET getuid
ib.adnxs.com/ Frame D557 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D557
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f82170-2628-4946-90c4-6957eeb810e0

43 B
327 B

129ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f82170-2628-4946-90c4-6957eeb810e0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7gi6DJGgDGQYqfIyYIqfjv5CqGZYis5MmQzwLd8Ju9NXa1Eu6FIjPDoWiBu3q%2B17Lx5oAV4lRAPXgUyJbCYYygJ6t9EfzyM%2FlbVEzvL2%2ByL5krm3crRXCGFcTqIKPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f5acaa178a-FRA
content-length: 43
cf-request-id: 09ffee8d860000178a3695b000000001

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85sZLX8jYqZioUqQN6tTI%2B%2F5d6Qkto6fk4H1kFeQJ1XutoI%2FQ3MvulUVTF1iFjEQh3Gsy%2FXkG7BALh4zK2lFOpBfGRQxbAgvAjo3sQ1zVPk4fhojVfJpjAfCTpkj"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f82170-2628-4946-90c4-6957eeb810e0
cf-ray: 64e019f2e9df178a-FRA
content-length: 0
cf-request-id: 09ffee8bce0000178a70062000000001

GET

getuid
ib.adnxs.com/ Frame D557
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dba85a92a-c331-47ba-8ea5-86d7fed803b1%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D557
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5003bd1e-fbbe-4b29-b2f6-253599a3b6d8

43 B
517 B

141ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5003bd1e-fbbe-4b29-b2f6-253599a3b6d8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:53 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=liiS0ViLnwiM1%2BuqYij1JbjV6z6%2BOaIv6fsZn16VQ3Owugk0bP9Ind37QqhLVLEsCP8F3Qi4M6j864iEzvtZwEow74hH3XfWPVM4DvA5dfBccoUKUHyVm48ir9hyQHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a0aee5d4e14-FRA
content-length: 43
cf-request-id: 09ffee9ad000004e1439a14000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5003bd1e-fbbe-4b29-b2f6-253599a3b6d8
date: Wed, 12 May 2021 02:08:52 GMT
server: Apache-Coyote/1.1
content-length: 0

GET match
ads.betweendigital.com/ Frame D557 0
0

GET sync
pixel.advertising.com/ups/58425/ Frame D557 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D557
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A

43 B
331 B

148ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BDafhF2iv9NUzm8P23PpLUMPGBoH3xc%2B3v2oEXPSNYpUfp09%2FuGeBDocUllbaFrdZhW7NS%2F9j%2BTA%2FY%2B7QFpaBvUTqEriDHNggD7rRUL71ioW%2F2JpX5J2xoGsUioHKBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a063df04eaa-FRA
content-length: 43
cf-request-id: 09ffee97df00004eaa2731d000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Connection: keep-alive
Content-Length: 0

GET uc.html
sync.go.sonobi.com/ Frame E4D0 0
0

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4861 8 KB
3 KB 13ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET usermatch
ssum-sec.casalemedia.com/ Frame 6F47 0
0

GET d
ic.tynt.com/r/ Frame C649 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5C2F 2 KB
818 B 1087ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET getuid
ib.adnxs.com/ Frame E804 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E804
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A

43 B
519 B

131ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dUSjXzX8ExchtM55AehKBxG5Ecum%2Fdl52eLczLbQaefOKfmvdJ5INjLDneH9HojGMSoyZBqs494jvVc6YD5g1tt8%2BGZrOxHegLJZLc5eQeQqz2QPCzxAAViyi8KhyXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a063df34eaa-FRA
content-length: 43
cf-request-id: 09ffee97df00004eaab6b54000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Connection: keep-alive
Content-Length: 0

GET us
sync.go.sonobi.com/ Frame E804 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E804
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a

43 B
330 B

138ms
129ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NcoUG1rIxonzZG%2BVzAu6zZm6Ua2o%2BE98yK4B%2BAtwSUwFWhA5TiexaB47TkqObEBNfizTZzYdtdz%2BKzEuab7A2%2FLongsQQibgHqKCws%2Fv%2BR4x18MvNR70JPzPqUyzNo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f38a7c178a-FRA
content-length: 43
cf-request-id: 09ffee8c370000178a2487c000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET getuid
ib.adnxs.com/ Frame E804 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E804
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f0381c88-b987-4ce6-82e8-0c7c06545c96

43 B
349 B

128ms
124ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f0381c88-b987-4ce6-82e8-0c7c06545c96
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C%2BRVT9uK11nWyQOhjxLWP20J6Qc27SrgjjW90Pek%2F3T13N9gE%2BmD9daP99CN171JRsSKkSb5A74epxlFFMU%2B4qKFCA6OVwqYrEMsBCzyA30jxmklj32sY7pS9kI0X9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f5ccd1178a-FRA
content-length: 43
cf-request-id: 09ffee8d9e0000178afb1aa000000001

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D2Yk1t5bGLfzbcYrALuXLiFDb8fG2%2BD6Q6dQOf2NiFiDYykTqaQpO8fYntXq21rZi3XcAx4zrNOuQBBaXZBu7OqCJVjnxAfLH3jzEvmF8IrEXUNriCJYY5YhV0AM"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f0381c88-b987-4ce6-82e8-0c7c06545c96
cf-ray: 64e019f2f9e8178a-FRA
content-length: 0
cf-request-id: 09ffee8bd70000178a14861000000001

GET

getuid
ib.adnxs.com/ Frame E804
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dba85a92a-c331-47ba-8ea5-86d7fed803b1%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E804
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-6bda429f-aaed-461a-ac37-85595e99d64a

43 B
326 B

147ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-6bda429f-aaed-461a-ac37-85595e99d64a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:53 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gTHXEyuiWgAy3MgIZiRlboYfkiPVU8PiR%2BiXf4lnZ86PAnXa3w6vKZB%2FRiflWqtGTarpDhSTkaUBFLH46%2FV5pleNs%2BSunjukM8k6uq4jgF6eJiLidKWw%2Bf8u1hTSfSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a0aee604e14-FRA
content-length: 43
cf-request-id: 09ffee9ad000004e14a18fd000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-6bda429f-aaed-461a-ac37-85595e99d64a
date: Wed, 12 May 2021 02:08:52 GMT
server: Apache-Coyote/1.1
content-length: 0

GET match
ads.betweendigital.com/ Frame E804 0
0

GET sync
pixel.advertising.com/ups/58425/ Frame E804 0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame BD5C 0
0

GET uc.html
sync.go.sonobi.com/ Frame 840D 0
0

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EF57 8 KB
3 KB 9ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET d
ic.tynt.com/r/ Frame A61F 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 69D2 2 KB
818 B 1080ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET getuid
ib.adnxs.com/ Frame F919 0
0

GET pixel
cm.g.doubleclick.net/ Frame F919 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4...

95 B
489 B

38ms
25ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a07fbd24e6e-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee98fd00004e6e7db78000000001

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
alt-svc: clear
content-length: 0

GET /
dmp.adform.net/serving/cookie/match/ Frame F919 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca71abdf-04b4-4e8c-56aa-cfdd44879a8e%26reqId%3D8...
https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4...

95 B
280 B

37ms
30ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f39e8c4e61-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8c3d00004e61018b9000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET cm
trc.taboola.com/sg/zeotap/1/ Frame F919 0
0

GET u
dmp.v.fwmrm.net/ad/ Frame F919 0
0

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F919 0
240 B 95ms
13ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca71abdf-04b4-4e8c-56aa-cfdd44879a8e%26reqId%3D860bac87-12b7-4df4-6cab-d25b2fd61a00%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
269 B

30ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f678950609-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8e0a000006096dacb000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=13034587852374202283152254744114951068&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-...

95 B
178 B

44ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=13034587852374202283152254744114951068&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a0afab8535d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9ad60000535d472d5000000001

Redirect headers

DCS: dcs-prod-irl1-2-v006-0d80e771e.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Uy6I6v1yTzY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=13034587852374202283152254744114951068&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame F919 0
324 B 3101ms
13ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame F919 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6961219986191349913&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-...

95 B
257 B

79ms
28ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6961219986191349913&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019fdaf5d4df4-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee928900004df419127000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6961219986191349913&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame F919
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e

95 B
415 B

19ms
19ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4d...

95 B
258 B

47ms
33ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1a5fd397a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea479000097a8419bf000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
last-modified: Wed, 12 May 2021 02:08:55 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame F919 36 B
378 B 1074ms
16ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:53 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12...

95 B
178 B

31ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1c083197a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea582000097a8401b5000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
cache-control: no-cache
x-server: 10.45.21.54
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb

95 B
177 B

40ms
28ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12afba0610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fab0000061097131000000001

Redirect headers

date: Wed, 12 May 2021 02:08:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0ax04MKMj3vWWOCLiuuuDOUP%2BS41iYitP1U%3D

95 B
177 B

22ms
22ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0ax04MKMj3vWWOCLiuuuDOUP%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12cfe20610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fb90000061071b5e000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0ax04MKMj3vWWOCLiuuuDOUP%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame F919 43 B
390 B 1038ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F919 0
338 B 485ms
30ms Image
text/plain 54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1620785334
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F919 95 B
358 B 3155ms
18ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAzlkwIQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25...

95 B
178 B

35ms
35ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAzlkwIQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&_test=YJs4uAAAzlkwIQBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1ece4e648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea7410000648bee856000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620785336.123274,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAzlkwIQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&_test=YJs4uAAAzlkwIQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F919
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=bd09609b-38b7-4300-9bca-d9adc3ddbede&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac8...

95 B
178 B

24ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=bd09609b-38b7-4300-9bca-d9adc3ddbede&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1d2e1e648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea6390000648beca93000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:55 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=bd09609b-38b7-4300-9bca-d9adc3ddbede&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 12 May 2021 02:10:25 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F919
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OHXI74SN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e

0
337 B

335ms
29ms

Image
text/plain

54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=55 t=1620785337
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 12 May 2021 02:08:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
access-control-allow-credentials: true
cf-ray: 64e01a24a8dc2b59-FRA
access-control-allow-headers: *
cf-request-id: 09ffeeaaeb00002b59e8a8a000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F919
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56a...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56a...

43 B
433 B

60ms
34ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame F919 62 B
425 B 484ms
151ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: b1af
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame F919 0
37 B 84ms
28ms Image
text/plain 54.74.77.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca71abdf-04b4-4e8c-56aa-cfdd44879a8e%26reqId%3D860bac87-12b7-4df4-6cab-d25b2fd61a00%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-77-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame F919 557 B
481 B 65ms
48ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a59a36a83a332f6b096701c42aea512194487121b6befd5ecb888a19d5b4e64

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64e019f31de14e61-FRA
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09ffee8bf100004e612d94b000000001

GET getuid
ib.adnxs.com/ Frame 880B 0
0

GET pixel
cm.g.doubleclick.net/ Frame 880B 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6...

95 B
178 B

41ms
28ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a07fbd44e6e-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee98fd00004e6e5801b000000001

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
alt-svc: clear
content-length: 0

GET /
dmp.adform.net/serving/cookie/match/ Frame 880B 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c56a2c1-d060-4acd-549c-17129dc7b69b%26reqId%3D8...
https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6...

95 B
189 B

31ms
25ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f39e914e61-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8c3d00004e610f834000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET cm
trc.taboola.com/sg/zeotap/1/ Frame 880B 0
0

GET u
dmp.v.fwmrm.net/ad/ Frame 880B 0
0

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 880B 0
240 B 100ms
13ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c56a2c1-d060-4acd-549c-17129dc7b69b%26reqId%3D89bd1e2f-f89d-40b6-76e6-53bcb467a177%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:47 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

37ms
33ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f678940609-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8e0a00000609628ef000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0c56a2c1-d060-4acd-549c-17129dc7b69b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0c56a2c1-d060-4acd-549c-17129dc7b69b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=52723135408632176184565486562251500583&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-...

95 B
489 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52723135408632176184565486562251500583&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a0afaba535d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9ad70000535d3c1d8000000001

Redirect headers

DCS: dcs-prod-irl1-2-v006-0ca46e1cc.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BE1IkhudTM0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=52723135408632176184565486562251500583&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 880B 0
324 B 3087ms
12ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame 880B 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6961219986191612057&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-...

95 B
489 B

54ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6961219986191612057&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019fdaf604df4-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee928800004df4f7baa000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6961219986191612057&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 880B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0c56a2c1-d060-4acd-549c-17129dc7b69b
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0c56a2c1-d060-4acd-549c-17129dc7b69b

95 B
426 B

19ms
18ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0c56a2c1-d060-4acd-549c-17129dc7b69b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0c56a2c1-d060-4acd-549c-17129dc7b69b
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c56a2c1-d060-4acd-549c-17129dc7b69b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c56a2c1-d060-4acd-549c-17129dc7b69b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40...

95 B
489 B

38ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1a5fd497a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea479000097a8a7351000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
last-modified: Wed, 12 May 2021 02:08:55 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 880B 36 B
378 B 1074ms
17ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0c56a2c1-d060-4acd-549c-17129dc7b69b&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:53 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0c56a2c1-d060-4acd-549c-17129dc7b69b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=0c56a2c1-d060-4acd-549c-17129dc7b69b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f8...

95 B
178 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1c784897a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea5c7000097a862272000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
cache-control: no-cache
x-server: 10.45.10.116
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb

95 B
177 B

36ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12afbd0610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fac00000610ab3c9000000001

Redirect headers

date: Wed, 12 May 2021 02:08:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=GDNs5p3Vdkl04MKMj3vWWAOv9zieFrxp%2BS41iYitP1U%3D

95 B
177 B

20ms
20ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=GDNs5p3Vdkl04MKMj3vWWAOv9zieFrxp%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12cfdc0610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fb8000006107b1fb000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=GDNs5p3Vdkl04MKMj3vWWAOv9zieFrxp%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 880B 43 B
390 B 1043ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 880B 0
337 B 488ms
31ms Image
text/plain 54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1620785334
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 880B 95 B
358 B 3155ms
19ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAznQxPQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53b...

95 B
178 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAznQxPQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&_test=YJs4uAAAznQxPQBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1f5e5b648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea7950000648bfaab7000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620785336.206764,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAAznQxPQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&_test=YJs4uAAAznQxPQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 880B
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=69e0609b-38b7-4b00-b864-934f68f17fda&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2...

95 B
178 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=69e0609b-38b7-4b00-b864-934f68f17fda&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1cc85897a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea5fb000097a8a7357000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:55 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=69e0609b-38b7-4b00-b864-934f68f17fda&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 12 May 2021 02:10:24 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 880B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OHXI74SN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e

0
337 B

332ms
29ms

Image
text/plain

54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1620785337
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 12 May 2021 02:08:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
access-control-allow-credentials: true
cf-ray: 64e01a24a8dd2b59-FRA
access-control-allow-headers: *
cf-request-id: 09ffeeaaeb00002b59098a9000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 880B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549...

43 B
433 B

104ms
33ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c56a2c1-d060-4acd-549c-17129dc7b69b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame 880B 62 B
425 B 574ms
159ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=0c56a2c1-d060-4acd-549c-17129dc7b69b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 5f25
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 880B 0
37 B 28ms
27ms Image
text/plain 54.74.77.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c56a2c1-d060-4acd-549c-17129dc7b69b%26reqId%3D89bd1e2f-f89d-40b6-76e6-53bcb467a177%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-77-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 880B 557 B
515 B 51ms
33ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b9e87ef4964d8d5fc149fe03f977d15ef1f90141eb67d54997b37be4725d6c3

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64e019f32dfe4e61-FRA
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09ffee8bfc00004e61f90de000000001

GET getuid
ib.adnxs.com/ Frame BF32 0
0

GET pixel
cm.g.doubleclick.net/ Frame BF32 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e...

95 B
178 B

39ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a07fbd34e6e-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee98fd00004e6e63b74000000001

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
alt-svc: clear
content-length: 0

GET /
dmp.adform.net/serving/cookie/match/ Frame BF32 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfef7a499-cbf2-488c-52d6-2fb9bab45c86%26reqId%3Db...
https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e...

95 B
178 B

54ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f3eee34e61-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8c6e00004e6165aec000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET cm
trc.taboola.com/sg/zeotap/1/ Frame BF32 0
0

GET u
dmp.v.fwmrm.net/ad/ Frame BF32 0
0

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BF32 0
240 B 104ms
13ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfef7a499-cbf2-488c-52d6-2fb9bab45c86%26reqId%3Db19528cf-d57e-485e-6cc6-bb3353794db4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

53ms
49ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f678990609-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8e0a00000609cbb5b000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fef7a499-cbf2-488c-52d6-2fb9bab45c86&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fef7a499-cbf2-488c-52d6-2fb9bab45c86&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=51558111399064546502944162612846130322&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-...

95 B
178 B

24ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=51558111399064546502944162612846130322&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a0b0ae6535d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9aea0000535d472d6000000001

Redirect headers

DCS: dcs-prod-irl1-1-v006-01398a4a9.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9Rik7J0YRao=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=51558111399064546502944162612846130322&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame BF32 0
324 B 3071ms
13ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame BF32 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6961219986191808665&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-...

95 B
258 B

47ms
25ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6961219986191808665&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019fdaf614df4-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee928800004df40298e000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6961219986191808665&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame BF32
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=fef7a499-cbf2-488c-52d6-2fb9bab45c86
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fef7a499-cbf2-488c-52d6-2fb9bab45c86

95 B
415 B

19ms
19ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fef7a499-cbf2-488c-52d6-2fb9bab45c86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fef7a499-cbf2-488c-52d6-2fb9bab45c86
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fef7a499-cbf2-488c-52d6-2fb9bab45c86&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fef7a499-cbf2-488c-52d6-2fb9bab45c86&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-48...

95 B
258 B

40ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1a5fd597a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea479000097a852a7c000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
last-modified: Wed, 12 May 2021 02:08:55 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame BF32 36 B
378 B 1073ms
16ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=fef7a499-cbf2-488c-52d6-2fb9bab45c86&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:53 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=fef7a499-cbf2-488c-52d6-2fb9bab45c86?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=fef7a499-cbf2-488c-52d6-2fb9bab45c86?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d5...

95 B
178 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1c283b97a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea599000097a8a9a41000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
cache-control: no-cache
x-server: 10.45.4.204
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb

95 B
488 B

34ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12afbb0610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fac00000610d5147000000001

Redirect headers

date: Wed, 12 May 2021 02:08:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9x04MKMj3vWWAwCtMbwGZyG%2BS41iYitP1U%3D

95 B
177 B

22ms
22ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9x04MKMj3vWWAwCtMbwGZyG%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12cfe00610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fb900000610a6b09000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9x04MKMj3vWWAwCtMbwGZyG%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame BF32 43 B
608 B 1043ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame BF32 0
337 B 485ms
31ms Image
text/plain 54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=135 t=1620785334
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame BF32 95 B
360 B 3156ms
19ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAA5NSapgAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3...

95 B
201 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAA5NSapgAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&_test=YJs4uAAA5NSapgAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1ece4d648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea73c0000648bfaab6000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620785336.118688,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJs4uAAA5NSapgAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&_test=YJs4uAAA5NSapgAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BF32
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=1d7b609b-38b7-4700-9b70-a168bb350e82&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528c...

95 B
489 B

45ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=1d7b609b-38b7-4700-9b70-a168bb350e82&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1d0e1c648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea62a0000648bf395c000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:55 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=1d7b609b-38b7-4700-9b70-a168bb350e82&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 12 May 2021 02:10:25 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BF32
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OHXI74SN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e

0
338 B

334ms
28ms

Image
text/plain

54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1620785337
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 12 May 2021 02:08:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
access-control-allow-credentials: true
cf-ray: 64e01a24a8d62b59-FRA
access-control-allow-headers: *
cf-request-id: 09ffeeaaeb00002b59fe10a000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame BF32
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d...

43 B
433 B

98ms
35ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fef7a499-cbf2-488c-52d6-2fb9bab45c86&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame BF32 62 B
425 B 346ms
170ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=fef7a499-cbf2-488c-52d6-2fb9bab45c86&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: b4e3
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame BF32 0
37 B 236ms
27ms Image
text/plain 54.74.77.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfef7a499-cbf2-488c-52d6-2fb9bab45c86%26reqId%3Db19528cf-d57e-485e-6cc6-bb3353794db4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-77-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame BF32 557 B
415 B 51ms
35ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ebe2cf0a829ee91701e4f1dc1a5d1e25c4e3841766cbc5130d33ab6121a89e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64e019f33e0b4e61-FRA
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09ffee8c0100004e61fd045000000001

GET getuid
ib.adnxs.com/ Frame 35F7 0
0

GET pixel
cm.g.doubleclick.net/ Frame 35F7 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56...

95 B
178 B

37ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a07fbd54e6e-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee98fd00004e6e388f0000000001

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=52c0b3ee-2b61-451b-a94e-a6833024c763&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
alt-svc: clear
content-length: 0

GET /
dmp.adform.net/serving/cookie/match/ Frame 35F7 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ac10b06-7fd8-4ed7-42f7-ae520d1436a4%26reqId%3D3...
https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56...

95 B
178 B

50ms
30ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f3eee44e61-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8c6e00004e614519a000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=20cb7bc9-a44b-4632-bad6-7f9939c54c11&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET cm
trc.taboola.com/sg/zeotap/1/ Frame 35F7 0
0

GET u
dmp.v.fwmrm.net/ad/ Frame 35F7 0
0

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 35F7 0
240 B 117ms
13ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ac10b06-7fd8-4ed7-42f7-ae520d1436a4%26reqId%3D3f2c1044-80a4-4c56-408a-5e5156e36106%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:48 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

33ms
29ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019f6789a0609-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee8e0a0000060990b2b000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=c4691120-4b15-41d9-adca-6b34473871cd&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=72363649321302917392058026258919727966&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-...

95 B
178 B

22ms
22ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=72363649321302917392058026258919727966&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a0b2b04535d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9af80000535d00365000000001

Redirect headers

DCS: dcs-prod-irl1-2-v006-090c37ff1.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IyiBbo3xQ6U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=72363649321302917392058026258919727966&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 35F7 0
324 B 3051ms
12ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame 35F7 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6961219986191480985&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-...

95 B
258 B

73ms
32ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6961219986191480985&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e019fdaf5e4df4-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee928800004df4e8272000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6961219986191480985&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 35F7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4

95 B
416 B

15ms
14ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 12 May 2021 02:08:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c...

95 B
258 B

67ms
52ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1a5fd197a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea478000097a83902c000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
last-modified: Wed, 12 May 2021 02:08:55 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=.DXFw22m1HI.Y0GLkuDP2O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 35F7 36 B
378 B 1069ms
15ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:53 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80...

95 B
178 B

24ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1c484097a8-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea5ac000097a844a3c000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=10b03eff6f105aed1411d1dd5455eb28&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
cache-control: no-cache
x-server: 10.45.25.104
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb

95 B
176 B

36ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12afb60610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fab00000610c281a000000001

Redirect headers

date: Wed, 12 May 2021 02:08:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-ybOVj8VE2oqdRBEoQ9RbxxY74upXynOk2Q--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gkIEi9HNhLB04MKMj3vWWMSFp9w7hfuW%2BS41iYitP1U%3D

95 B
176 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gkIEi9HNhLB04MKMj3vWWMSFp9w7hfuW%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a12cfdf0610-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee9fbc00000610aa30c000000001

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gkIEi9HNhLB04MKMj3vWWMSFp9w7hfuW%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 35F7 43 B
389 B 1042ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 35F7 0
337 B 481ms
31ms Image
text/plain 54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1620785334
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 35F7 95 B
358 B 3155ms
18ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 35F7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
160 B

6ms
6ms

Image
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ac10b06-7fd8-4ed7-42f7-ae520d1436a4%26reqId%3D3f2c1044-80a4-4c56-408a-5e5156e36106%26zdid%3D1361&_test=YJs4uAAA5HGapQAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 683
x-served-by: cache-fra19140-FRA
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1620785336.122984,VS0,VE0
content-length: 85
x-cache-hits: 574

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1620785336.022837,VS0,VE93
x-served-by: cache-fra19140-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ac10b06-7fd8-4ed7-42f7-ae520d1436a4%26reqId%3D3f2c1044-80a4-4c56-408a-5e5156e36106%26zdid%3D1361&_test=YJs4uAAA5HGapQAC
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 35F7
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=b623609b-38b7-4600-8cfe-18d609f1497a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c104...

95 B
178 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=b623609b-38b7-4600-8cfe-18d609f1497a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64e01a1d5e23648b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffeea6580000648b03313000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:55 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=b623609b-38b7-4600-8cfe-18d609f1497a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 12 May 2021 02:10:25 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 35F7
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OHXI74SN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e

0
337 B

336ms
29ms

Image
text/plain

54.77.62.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1620785337
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 12 May 2021 02:08:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=4d5e6664-1d51-4d29-7dd1-41b10e05197e
access-control-allow-credentials: true
cf-ray: 64e01a24a8db2b59-FRA
access-control-allow-headers: *
cf-request-id: 09ffeeaaeb00002b598024f000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 35F7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f...

43 B
433 B

40ms
32ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:59 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame 35F7 62 B
425 B 197ms
182ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 7636
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 35F7 0
38 B 407ms
27ms Image
text/plain 54.74.77.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ac10b06-7fd8-4ed7-42f7-ae520d1436a4%26reqId%3D3f2c1044-80a4-4c56-408a-5e5156e36106%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-77-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 35F7 557 B
431 B 42ms
34ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390d50acd16716e96ccacee0f57e926c63c135cb5e26a829c573eb90fa278838

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64e019f33e0d4e61-FRA
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09ffee8c0100004e6145194000000001

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 0CCE 4 KB
1 KB 69ms
40ms Document
text/html 52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20a1cac3be8003eac05fb7c78b8c80c139efe286e81f4742ba0d4780ddcc127a

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"05af6e3d65cbf18f4704270a80665648d"
timing-allow-origin: *
content-encoding: gzip

GET ps
pixel.33across.com/ Frame 9BDD 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 03C7 2 KB
818 B 1017ms
8ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D3258%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D3258%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame CA80 0
0

GET getuid
ib.adnxs.com/ Frame 59FC 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 59FC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D3748%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=310&cbimg=3748&uid=dfcd2b4a1a4d93e58baf189a

0
289 B

1326ms
55ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=3748&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Wed, 12 May 2021 02:08:49 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=3748&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 59FC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26cbimg%3D2193%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=464078305
https://sync.1rx.io/usersync/tradedesk/20cb7bc9-a44b-4632-bad6-7f9939c54c11
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:09:01 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 59FC
Redirect Chain

https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26cbimg%3D3570%26uid%3DNTV_USER_ID
https://ads.servenobid.com/sync?pid=322&cbimg=3570&uid=98aec643-75ed-473b-8b48-fce1d7679301

0
298 B

1129ms
54ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=322&cbimg=3570&uid=98aec643-75ed-473b-8b48-fce1d7679301
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
server: nginx/1.12.1
location: https://ads.servenobid.com/sync?pid=322&cbimg=3570&uid=98aec643-75ed-473b-8b48-fce1d7679301
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 59FC
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26cbimg%3D478%26uid%3D%7B%24UID%7D
https://ads.servenobid.com/sync?pid=328&cbimg=478&uid=c816c8a806fd607822340223744edcdd546f47bf

0
301 B

855ms
31ms

Image
image/avif

52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&cbimg=478&uid=c816c8a806fd607822340223744edcdd546f47bf
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:51 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&cbimg=478&uid=c816c8a806fd607822340223744edcdd546f47bf
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET getuid
ib.adnxs.com/ Frame 9878 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9878
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A

43 B
327 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o%2BVDnog9kTvG1npxWQI%2F6bf2%2BVy7llH2wVhGYWRU2aWGywmwYeYNcdNGweQhmzXUvWKl0PQjOXDybkek1ilYhm3Y6A%2Bpx%2F16yihq7VQnDjPEZ4HEP8y5BhAuM0cb10M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a063dfc4eaa-FRA
content-length: 43
cf-request-id: 09ffee97e600004eaa8789f000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0_su05tE2uGZjoWqMXujletPaxJSkxe7UFMZ_dk-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9878
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a

43 B
323 B

133ms
129ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f23T%2FhlkhMNhtNOaIiaf02ofviijmrhLOW%2Fhy0uO9jqkw%2FCTijcSobXOFswa0g9qiiuKpYi2tKRCgcNteCX3rmlRqqUoRs6OsaAFE4oWZO6hm8s2i%2FTJl8zyzzaZaaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f46b5f178a-FRA
content-length: 43
cf-request-id: 09ffee8cc10000178a2b1d6000000001

Redirect headers

Date: Wed, 12 May 2021 02:08:48 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dfcd2b4a1a4d93e58baf189a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET us
sync.go.sonobi.com/ Frame 9878 0
0

GET getuid
ib.adnxs.com/ Frame 9878 0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9878
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dc379a1a-08a4-4f6c-ab1d-6d40650d0fbd

43 B
466 B

134ms
133ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dc379a1a-08a4-4f6c-ab1d-6d40650d0fbd
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eL57vVxjmS34QYaWbD7Tr9SEJq4aGjCUfQ6n4RI2imzCsUC1i%2F6Pb%2F0CdGt9r00YTKrtYnnMipSwI2fk%2BMLtx77CTQIyC3GpPnz%2FIPKkKZSLhYZ%2BoeOCr7fdD%2FGoy54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e019f61d23178a-FRA
content-length: 43
cf-request-id: 09ffee8dce0000178a46b41000000001

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uVa%2F8pMs%2BVoGnnR00aQHVr32816NvMt%2BBarq%2FlZeKmkHyJPPcwnclQXqWC5XlSFRltDvcK%2FHkTmobtym2l9mXaXLJKvxEfHkzrmnLEMCwP4C9GvM15xpqOQ03M7D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dc379a1a-08a4-4f6c-ab1d-6d40650d0fbd
cf-ray: 64e019f37a6f178a-FRA
content-length: 0
cf-request-id: 09ffee8c300000178a48161000000001

GET

getuid
ib.adnxs.com/ Frame 9878
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dba85a92a-c331-47ba-8ea5-86d7fed803b1%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9878
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4d1a340a-8416-4ea3-8a21-71eab85e4411

43 B
322 B

125ms
124ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4d1a340a-8416-4ea3-8a21-71eab85e4411
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:53 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4YFs02KSkhlZ8yRU4nSPAMovRCwlEoYCSgr5bSjNKHKStZkePbFytojd7ALa7oxjfQCqae7hlW35KrsxpAGDMcdsyAY%2FemBL2m2Epcve3o81XxY8JqZdnr%2FKSDrVlgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 64e01a0b4ed44e14-FRA
content-length: 43
cf-request-id: 09ffee9b0f00004e147e8fc000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4d1a340a-8416-4ea3-8a21-71eab85e4411
date: Wed, 12 May 2021 02:08:52 GMT
server: Apache-Coyote/1.1
content-length: 0

GET match
ads.betweendigital.com/ Frame 9878 0
0

GET sync
pixel.advertising.com/ups/58425/ Frame 9878 0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame D2F6 0
0

GET uc.html
sync.go.sonobi.com/ Frame 8CCB 0
0

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B069 8 KB
3 KB 24ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86954
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET d
ic.tynt.com/r/ Frame 8ABF 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 20DF 2 KB
818 B 992ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EC3B 38 KB
14 KB 18ms
15ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=102335
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 50B0 38 KB
14 KB 12ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=102335
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6E82 38 KB
14 KB 17ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=102335
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DA13 38 KB
14 KB 20ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=102335
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 02:08:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=3865145231027060475

35 B
237 B

136ms
51ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=3865145231027060475
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: 3881a397-2371-4d7c-9291-525892fa934f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=3865145231027060475
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2B34 43 B
145 B 28ms
6ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5172e14e-ae18-4ef2-8457-362412b70432&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28TUzSAr2_SSmGiQerK0Db3k5qlOKmlw79xgb2SdwMx0z6PC8mYCa58qUHYlyPFNtQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

1145ms
33ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28TUzSAr2_SSmGiQerK0Db3k5qlOKmlw79xgb2SdwMx0z6PC8mYCa58qUHYlyPFNtQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TUzSAr2_SSmGiQerK0Db3k5qlOKmlw79xgb2SdwMx0z6PC8mYCa58qUHYlyPFNtQ%29
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:51 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28TUzSAr2_SSmGiQerK0Db3k5qlOKmlw79xgb2SdwMx0z6PC8mYCa58qUHYlyPFNtQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TUzSAr2_SSmGiQerK0Db3k5qlOKmlw79xgb2SdwMx0z6PC8mYCa58qUHYlyPFNtQ%29
Date: Wed, 12 May 2021 02:08:50 GMT
Connection: close
X-TraceId: 4da2d90b230dcec7a09083c0875c4bab
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d

35 B
237 B

108ms
36ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 2B34 43 B
168 B 3619ms
98ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:52 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

83ms
52ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 2B34 0
0

GET services
sync.technoratimedia.com/ Frame 2B34 0
0

GET 142
match.deepintent.com/usersync/ Frame 2B34 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5172e14e-ae18-4ef2-8457-362412b70432&gdpr=1&gdpr_consent=&us_privacy=1---
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

35 B
237 B

32ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 98
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2B34
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

800ms
54ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2B34
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2235791985
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2235791985
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?zcc=1&dspret=0&cb=1620785341884
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
849 B

39ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
X-lat: amspug020:0:376
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame 2B34 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 2B34 0
299 B 1410ms
53ms Image
image/avif 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=9520&uid=e_5172e14e-ae18-4ef2-8457-362412b70432
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F0DF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=

35 B
237 B

61ms
60ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x7
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=c6cb609b-38b0-4b00-b903-59e1267a19b5; domain=.mathtag.com; path=/; expires=Thu, 09-Jun-2022 02:08:48 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame AA84
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag6uwAC
https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAA5Ag6uwAC&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag6uwAC

35 B
238 B

164ms
35ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAA5Ag6uwAC&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag6uwAC
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YJs4sQAA5Ag6uwAC&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag6uwAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAA5Ag6uwAC&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag6uwAC
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1620785329.457333,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET pixel
cm.g.doubleclick.net/ Frame 9A7E 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 473B 0
0

GET

/
de.tynt.com/deb/ Frame 9003
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 988B 70 B
264 B 30ms
28ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjY0t3Ns73KORAFOAFaBzJ4bGdyemxgAg..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 7EFB 0
0 8272ms
7ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame DB42 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame B168
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871878969969599729

35 B
237 B

72ms
72ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871878969969599729
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871878969969599729
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:49 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwByILSzNLIDK1tDQ3shTiM9R1LyowyYusyPQIzYiX4jU0MzIwtzA1NrKwNDQCAHsohyY0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 6 Jun 2022 02:08:49 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAADvEyGtoZmRgbmFqbGRpYGa4SgyJb2xoAADNOs3eIAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 6 Jun 2022 02:08:49 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzNLIDK1tDQ3shTiM9R1LyowyYusyPQIzYgHAEPzgL4lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871878969969599729
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame BD19
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

58ms
45ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9520%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame E6AD
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=7267810345627731915

35 B
237 B

103ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7267810345627731915
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 089aba82-b693-4aa9-990d-61b8d0dffd19
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7267810345627731915
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame E6AD 43 B
145 B 39ms
6ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5271eafe-9da0-481e-acb8-a3591dc9efb2&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

syncUser
sync.outbrain.com/ Frame E6AD
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28UQzM0Gj7IZDjvAbTAQDBz_UuHElNs9Kfkep3vseAuDza8KbPfKjle8xs-YVPEAvf%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4b15469e-3b9f-4430-b79b-ead79b83ca19&obuid=ENC(UQzM0Gj7IZDjvAbTAQDBz_UuHElNs9Kfkep3vseAuDza8KbPfKjle8xs-YVPEAvf)

0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame E6AD
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d

35 B
237 B

117ms
51ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame E6AD 43 B
168 B 3689ms
98ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:52 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame E6AD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

82ms
51ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame E6AD 0
0

GET services
sync.technoratimedia.com/ Frame E6AD 0
0

GET 142
match.deepintent.com/usersync/ Frame E6AD 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame E6AD
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5271eafe-9da0-481e-acb8-a3591dc9efb2&gdpr=1&gdpr_consent=&us_privacy=1---
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

35 B
237 B

32ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 98
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame E6AD
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

801ms
55ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

pixel
cm.g.doubleclick.net/ Frame E6AD
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=5648341936
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=5648341936
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda&google_hm=ZGVkNjE4NTUtZDU2Mi00NGViLWFiZmQtMDFmZDYzOTYy...

0
0

GET rtset
bh.contextweb.com/bh/ Frame E6AD 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame E6AD 0
299 B 1363ms
31ms Image
image/avif 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=2221&uid=e_5271eafe-9da0-481e-acb8-a3591dc9efb2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6386
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=

35 B
237 B

42ms
41ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x13
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=2b09609b-38b0-4700-bdc3-fd731a8862b1&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 2BC9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ak6pwAC

85 B
165 B

9ms
5ms

Document
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ak6pwAC
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ak6pwAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
age: 677
x-served-by: cache-fra19125-FRA
x-cache: HIT
x-cache-hits: 633
x-timer: S1620785329.457355,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ak6pwAC; Path=/; Domain=.everesttech.net; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ak6pwAC
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785329.325698,VS0,VE93
cache-control: no-cache
pragma: no-cache
content-length: 0

GET pixel
cm.g.doubleclick.net/ Frame 77A9 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 737F 0
0

GET

/
de.tynt.com/deb/ Frame B7BB
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame E965 70 B
264 B 30ms
30ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjY0t3Ns73KORAFOAFaBzJ4bGdyemxgAg..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 8F61 0
0 8232ms
7ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame AACE 0
0

GET cm
p.rfihub.com/ Frame 4DC2 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 231D
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

41ms
41ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2221%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C4A6
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=2786625648831098835

35 B
238 B

89ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=2786625648831098835
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.84:80
AN-X-Request-Uuid: 61db7705-60d7-4fd6-8cbc-ffc22d6e5e88
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=2786625648831098835
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C4A6 43 B
145 B 13ms
1ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

syncUser
sync.outbrain.com/ Frame C4A6
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28AyYNm4p1-VOk908JxIMQGFPIA97Px7c0Fgnj0uVnxSlMlYNG3qvceKmBMZJ4-vRj%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4b15469e-3b9f-4430-b79b-ead79b83ca19&obuid=ENC(AyYNm4p1-VOk908JxIMQGFPIA97Px7c0Fgnj0uVnxSlMlYNG3qvceKmBMZJ4-vRj)

0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C4A6
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d

35 B
237 B

94ms
50ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=18ee2be7-f663-02af-35a9-2d0f0178200d
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame C4A6 43 B
168 B 3754ms
100ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame C4A6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

76ms
51ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame C4A6 0
0

GET services
sync.technoratimedia.com/ Frame C4A6 0
0

GET 142
match.deepintent.com/usersync/ Frame C4A6 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C4A6
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=1---
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

35 B
237 B

32ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:57 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 98
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame C4A6
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

801ms
55ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3521223470
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3521223470
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/sync?dsp_id=4&user_id=c6d3520c-0bbc-4a46-b0f7-c0e80a95360d&ssp=adconductor&expires=30&user_group=5&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?zcc=1&dspret=0&cb=1620785341883
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
849 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
X-lat: amspug006:0:404
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame C4A6 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame C4A6 0
299 B 1325ms
31ms Image
image/avif 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=479&uid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame BD0E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=

35 B
237 B

38ms
38ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x29
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=c6cb609b-38b0-4b00-b903-59e1267a19b5&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6971
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAAzmLRlwBg
https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAAzmLRlwBg&gdpr=1&gdpr_consent=&_test=YJs4sQAAzmLRlwBg

35 B
237 B

108ms
50ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAAzmLRlwBg&gdpr=1&gdpr_consent=&_test=YJs4sQAAzmLRlwBg
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YJs4sQAAzmLRlwBg&gdpr=1&gdpr_consent=&_test=YJs4sQAAzmLRlwBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YJs4sQAAzmLRlwBg&gdpr=1&gdpr_consent=&_test=YJs4sQAAzmLRlwBg
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1620785330.539057,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET pixel
cm.g.doubleclick.net/ Frame D590 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA98 0
0

GET

/
de.tynt.com/deb/ Frame 72A6
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 22C6 70 B
264 B 36ms
34ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjY0t3Ns73KORAFOAFaBzJ4bGdyemxgAg..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame E1B3 0
0 8199ms
7ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame F183 0
0

GET cm
p.rfihub.com/ Frame 6D4C 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1BC0
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

38ms
38ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D479%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame A962 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame AA40 0
0

GET
H2 204 cmp
spl.zeotap.com/ Frame 880B 0
0 31ms
26ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c56a2c1-d060-4acd-549c-17129dc7b69b&reqId=89bd1e2f-f89d-40b6-76e6-53bcb467a177&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4; zsc=%AF%F8bJ%85%F7%FAo%BF%8BH%CA%5D%FEz%FA%8D%F5Dv%9BUm%C2%0F%FBX%18%C22%8E%83%22%19g5%E8Vr%21%26%2B%83%CE.%97p%B9%F9%DB9%1FI5k%D4A%FE%FEM%A0%F9P%0E9%5D%DD%FD%92le%B0%8Cr%8D%CB%01_%A5%C0%DB%D7%C75H%AEl%FE%B5%09%E2k%AE%0C%5DL%C7az%E2%C6%F4C%C3%FBYC%9B%EC%F3%CE%D9%24%2B%1Dw%9A%81F%D0%BD%F0%00Uw+%18%2B6%40%B6%86%015%AB-%28%3EAj%E6%F6%60%14%93q%F4%80%B2%BFl%94%A7%C7B%9A%A6%BD%91%C9%B2%CD%AA%C3%C0%A9%3D%A7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8cda00004e613f3c0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f49fc44e61-FRA

GET
H2 204 cmp
spl.zeotap.com/ Frame F919 0
0 106ms
32ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca71abdf-04b4-4e8c-56aa-cfdd44879a8e&reqId=860bac87-12b7-4df4-6cab-d25b2fd61a00&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4; zsc=%AF%F8bJ%85%F7%FAo%BF%8BH%CA%5D%FEz%FA%8D%F5Dv%9BUm%C2%0F%FBX%18%C22%8E%83%22%19g5%E8Vr%21%26%2B%83%CE.%97p%B9%F9%DB9%1FI5k%D4A%FE%FEM%A0%F9P%0E9%5D%DD%FD%92le%B0%8Cr%8D%CB%01_%A5%C0%DB%D7%C75H%AEl%FE%B5%09%E2k%AE%0C%5DL%C7az%E2%C6%F4C%C3%FBYC%9B%EC%F3%CE%D9%24%2B%1Dw%9A%81F%D0%BD%F0%00Uw+%18%2B6%40%B6%86%015%AB-%28%3EAj%E6%F6%60%14%93q%F4%80%B2%BFl%94%A7%C7B%9A%A6%BD%91%C9%B2%CD%AA%C3%C0%A9%3D%A7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8d2f00000609cbb4b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f51e2a0609-FRA

GET
H2 204 cmp
spl.zeotap.com/ Frame 35F7 0
0 100ms
27ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4&reqId=3f2c1044-80a4-4c56-408a-5e5156e36106&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4; zsc=%AF%F8bJ%85%F7%FAo%BF%8BH%CA%5D%FEz%FA%8D%F5Dv%9BUm%C2%0F%FBX%18%C22%8E%83%22%19g5%E8Vr%21%26%2B%83%CE.%97p%B9%F9%DB9%1FI5k%D4A%FE%FEM%A0%F9P%0E9%5D%DD%FD%92le%B0%8Cr%8D%CB%01_%A5%C0%DB%D7%C75H%AEl%FE%B5%09%E2k%AE%0C%5DL%C7az%E2%C6%F4C%C3%FBYC%9B%EC%F3%CE%D9%24%2B%1Dw%9A%81F%D0%BD%F0%00Uw+%18%2B6%40%B6%86%015%AB-%28%3EAj%E6%F6%60%14%93q%F4%80%B2%BFl%94%A7%C7B%9A%A6%BD%91%C9%B2%CD%AA%C3%C0%A9%3D%A7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8d2f00000609c6027000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f51e2c0609-FRA

GET
H2 204 cmp
spl.zeotap.com/ Frame BF32 0
0 75ms
25ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fef7a499-cbf2-488c-52d6-2fb9bab45c86&reqId=b19528cf-d57e-485e-6cc6-bb3353794db4&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=1ac10b06-7fd8-4ed7-42f7-ae520d1436a4; zsc=%AF%F8bJ%85%F7%FAo%BF%8BH%CA%5D%FEz%FA%8D%F5Dv%9BUm%C2%0F%FBX%18%C22%8E%83%22%19g5%E8Vr%21%26%2B%83%CE.%97p%B9%F9%DB9%1FI5k%D4A%FE%FEM%A0%F9P%0E9%5D%DD%FD%92le%B0%8Cr%8D%CB%01_%A5%C0%DB%D7%C75H%AEl%FE%B5%09%E2k%AE%0C%5DL%C7az%E2%C6%F4C%C3%FBYC%9B%EC%F3%CE%D9%24%2B%1Dw%9A%81F%D0%BD%F0%00Uw+%18%2B6%40%B6%86%015%AB-%28%3EAj%E6%F6%60%14%93q%F4%80%B2%BFl%94%A7%C7B%9A%A6%BD%91%C9%B2%CD%AA%C3%C0%A9%3D%A7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ffee8d2f000006098b87f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019f51e2b0609-FRA

GET
H2

200

usersync
rtb.gumgum.com/ Frame 959F
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=3456146575206965942

35 B
237 B

76ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=3456146575206965942
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid: 4337f7fb-145a-4122-9923-b99577d7698d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=3456146575206965942
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 959F 43 B
146 B 516ms
8ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_984e4dc3-7ca4-4447-ad35-2874e729ffb8&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 959F
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GA-3JTt-MQjU3WtkwdZ03HmiI9jLFo7iHiGXDIjM_TO2j7JtKms-8YsVDXLnnmOZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GA-3JTt-MQjU3WtkwdZ03HmiI9jLFo7iHiGXDIjM_TO2j7JtKms-8YsVDXLnnmOZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GA-3JTt-MQjU3WtkwdZ03HmiI9jLFo7iHiGXDIjM_TO2j7JtKms-8YsVDXLnnmOZ%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:58 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GA-3JTt-MQjU3WtkwdZ03HmiI9jLFo7iHiGXDIjM_TO2j7JtKms-8YsVDXLnnmOZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GA-3JTt-MQjU3WtkwdZ03HmiI9jLFo7iHiGXDIjM_TO2j7JtKms-8YsVDXLnnmOZ%29
Date: Wed, 12 May 2021 02:08:58 GMT
Connection: close
X-TraceId: 6b1a617c9bc1da0dddf1f87c1ecebcc0
Content-Length: 0

GET cm
us-u.openx.net/w/1.0/ Frame 959F 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 959F 43 B
168 B 3775ms
98ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 959F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

36ms
35ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 959F 0
0

GET services
sync.technoratimedia.com/ Frame 959F 0
0

GET 142
match.deepintent.com/usersync/ Frame 959F 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 959F
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_984e4dc3-7ca4-4447-ad35-2874e729ffb8&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

32ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:57 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 959F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

801ms
54ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 959F
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3132387626
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3132387626
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?zcc=1&dspret=0&cb=1620785341884
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
849 B

39ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
X-lat: amspug008:0:417
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame 959F 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 959F 43 B
1 KB 1052ms
19ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_984e4dc3-7ca4-4447-ad35-2874e729ffb8
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F13E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=

35 B
237 B

164ms
36ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x10
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=0b4e609b-38b1-4600-9931-68881dae1de6&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame AA3D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag8EgAC

85 B
148 B

8ms
6ms

Document
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag8EgAC
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag8EgAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAAzmLRlwBg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
age: 677
x-served-by: cache-fra19125-FRA
x-cache: HIT
x-cache-hits: 634
x-timer: S1620785330.539071,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag8EgAC; Path=/; Domain=.everesttech.net; Expires=Thu, 12-May-2022 02:08:49 GMT; Max-Age=31536000;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJs4sQAA5Ag8EgAC
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785329.422080,VS0,VE93
cache-control: no-cache
pragma: no-cache
content-length: 0

GET pixel
cm.g.doubleclick.net/ Frame 4604 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D249 0
0

GET

/
de.tynt.com/deb/ Frame 0890
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 6D78 70 B
264 B 413ms
31ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjys8HPs73KORAFOAFaC2FkY29uZHVjdG9yYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 68F4 0
0 8102ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame E663 0
0

GET cm
p.rfihub.com/ Frame AE11 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C5ED
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

835ms
37ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 491B
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=4057645199733260110

35 B
237 B

82ms
51ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=4057645199733260110
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: ca478e91-06bb-412c-a18e-764056c95f84
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=4057645199733260110
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 491B 43 B
145 B 459ms
9ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 491B
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%286swE4H5U1sLnNAkHNIbVZpmY5NI3vtX15Ksa_nMjBHt8nULm66UrcFQ57lVjI6l0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%286swE4H5U1sLnNAkHNIbVZpmY5NI3vtX15Ksa_nMjBHt8nULm66UrcFQ57lVjI6l0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286swE4H5U1sLnNAkHNIbVZpmY5NI3vtX15Ksa_nMjBHt8nULm66UrcFQ57lVjI6l0%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:58 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%286swE4H5U1sLnNAkHNIbVZpmY5NI3vtX15Ksa_nMjBHt8nULm66UrcFQ57lVjI6l0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286swE4H5U1sLnNAkHNIbVZpmY5NI3vtX15Ksa_nMjBHt8nULm66UrcFQ57lVjI6l0%29
Date: Wed, 12 May 2021 02:08:58 GMT
Connection: close
X-TraceId: eebeb822f190e5640765ed55437905e6
Content-Length: 0

GET cm
us-u.openx.net/w/1.0/ Frame 491B 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 491B 43 B
168 B 3821ms
98ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 491B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

46ms
35ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 491B 0
0

GET services
sync.technoratimedia.com/ Frame 491B 0
0

GET 142
match.deepintent.com/usersync/ Frame 491B 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 491B
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

32ms
31ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:57 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 491B
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

801ms
54ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 491B
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3244697696
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=3244697696
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/sync?dsp_id=4&user_id=5b74364b-19e2-417a-ad71-8c0f704ee25a&ssp=adconductor&expires=30&user_group=5&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?zcc=1&dspret=0&cb=1620785341883
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
849 B

35ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
X-lat: amspug013:0:369
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame 491B 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 491B 43 B
1 KB 1038ms
14ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 64A1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=

35 B
237 B

150ms
37ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x24
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame 72EC 85 B
390 B 103ms
102ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785329.461185,VS0,VE93
cache-control: no-cache
pragma: no-cache
content-length: 85

GET pixel
cm.g.doubleclick.net/ Frame 6A8B 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EC1 0
0

GET

/
de.tynt.com/deb/ Frame 6C48
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame A8E1 70 B
264 B 382ms
30ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjys8HPs73KORAFOAFaC2FkY29uZHVjdG9yYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 06F5 0
0 8072ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame 47C0 0
0

GET cm
p.rfihub.com/ Frame F2C1 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 89AF
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

835ms
37ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 792F
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=2677143257178690577

35 B
237 B

49ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=2677143257178690577
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid: e0af4ac4-2c3f-4ae3-928f-3b6ffacfedce
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=2677143257178690577
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 792F 43 B
145 B 421ms
8ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 792F
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28rGJwsWq8RZvzz2JWPPBOI2AS_ca9cdiqlOCrwizzi6A467P2AsM3yuUke8pby87k%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28rGJwsWq8RZvzz2JWPPBOI2AS_ca9cdiqlOCrwizzi6A467P2AsM3yuUke8pby87k%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28rGJwsWq8RZvzz2JWPPBOI2AS_ca9cdiqlOCrwizzi6A467P2AsM3yuUke8pby87k%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:09:00 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28rGJwsWq8RZvzz2JWPPBOI2AS_ca9cdiqlOCrwizzi6A467P2AsM3yuUke8pby87k%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28rGJwsWq8RZvzz2JWPPBOI2AS_ca9cdiqlOCrwizzi6A467P2AsM3yuUke8pby87k%29
Date: Wed, 12 May 2021 02:09:00 GMT
Connection: close
X-TraceId: 97111f457389855ba6c4fbe8fa0b1532
Content-Length: 0

GET cm
us-u.openx.net/w/1.0/ Frame 792F 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 792F 43 B
168 B 3880ms
99ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 792F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

37ms
34ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 792F 0
0

GET services
sync.technoratimedia.com/ Frame 792F 0
0

GET 142
match.deepintent.com/usersync/ Frame 792F 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 792F
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:57 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 792F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

39ms
38ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 792F
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=4881900560
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=4881900560
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/ded61855-d562-44eb-abfd-01fd63962fda?zcc=1&dspret=0&cb=1620785341884
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
849 B

39ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
X-lat: amspug020:0:383
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame 792F 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 792F 43 B
1 KB 1014ms
15ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2BF1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=

35 B
237 B

144ms
49ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x2
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:51 GMT

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame F81E 85 B
146 B 98ms
97ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785329.494010,VS0,VE90
cache-control: no-cache
pragma: no-cache
content-length: 85

GET pixel
cm.g.doubleclick.net/ Frame 43A7 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 817E 0
0

GET

/
de.tynt.com/deb/ Frame 92FD
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 3957 70 B
265 B 347ms
30ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjys8HPs73KORAFOAFaC2FkY29uZHVjdG9yYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 73F9 0
0 8035ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame EF37 0
0

GET cm
p.rfihub.com/ Frame BBF1 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 90AF
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
238 B

834ms
36ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame C5DA 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 8B73 0
0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 20ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 203ms
203ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4441367774568930&correlator=2697321217714798&output=ldjh&impl=fifs&eid=31061018%2C21068031%2C44740387&vrg=2021050601&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=307492156%2C12825_Pastebin.com%2C12825_Pastebin.com_SmartBanner_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=vli_adslot%3D50013%26vli_adtype%3Ddisplay%26vli_sf%3D1&eri=1&cust_params=hb_domain%3Dpastebin.com&cookie=ID%3D5baad05f34cae925-22031fdf10c80055%3AT%3D1620785326%3AS%3DALNI_MZsFqqvVeYD3l4Xs_w2DfmFBOHfCg&bc=31&abxe=1&lmt=1620785329&dt=1620785329553&dlt=1620785324263&idt=1206&frm=20&biw=1600&bih=1200&oid=3&adxs=-190&adys=600&adks=2821627711&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=861194447.1620785325&ga_sid=1620785326&ga_hid=1797356772&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f132e93ae153387d87c90344af5e4a4f7fb8596f40ab8402b56d55ada2547c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 3545ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
439 B 232ms
226ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xI2jV2RyawjMejT9wKRIfY9%2Bf5gwL4Yo25aOCOe6CkgOJjyuelZraGz1ImyJvcPkfaskkN7LN1w8Sc6DZ75clJJf88KbVu4qJ%2Bib1R1LnBahFUI9JYqenwmIHUlhfKyvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e019f60d11178a-FRA
cf-request-id: 09ffee8dc10000178a8b363000000001

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST bid
ap.lijit.com/rtb/ 0
0

GET ROS
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 0
0

GET bidRequest
c2shb.ssp.yahoo.com/ 0
0

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
542 B 145ms
76ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10191
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET trinity.json
apex.go.sonobi.com/ 0
0

POST prebid
prebid.ad.smaato.net/oapi/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 3638ms
66ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=4&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:53 GMT
via: 1.1 aa90ed38e679f04bd48e055cce602e21.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FGZwrLlSMW3y47KCbDRu9cybuHtPSvUwfQ_6i_FpAbeDAn2IPAqp3w==

GET
H2

200

usersync
rtb.gumgum.com/ Frame D8A1
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=701479025587909645

35 B
237 B

35ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=701479025587909645
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: 7f78151f-b3c2-45f2-ab26-3f7de25666be
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=701479025587909645
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D8A1 43 B
145 B 260ms
10ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET redirectObuid
sync.outbrain.com/ Frame D8A1 0
0

GET cm
us-u.openx.net/w/1.0/ Frame D8A1 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame D8A1 43 B
168 B 3823ms
100ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame D8A1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

755ms
53ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame D8A1 0
0

GET services
sync.technoratimedia.com/ Frame D8A1 0
0

GET 142
match.deepintent.com/usersync/ Frame D8A1 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame D8A1
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

32ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:57 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame D8A1
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

762ms
54ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame D8A1
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2579267512
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2579267512
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ded61855-d562-44eb-abfd-01fd63962fda&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=b34a3b9d-0869-4582-a1d2-1d072e70e2d1&expires=1&user_group=5&ssp=adconductor&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://x.bidswitch.net/ul_cb/sync?dsp_id=283&user_id=b34a3b9d-0869-4582-a1d2-1d072e70e2d1&expires=1&user_group=5&ssp=adconductor&bsw_param=ded61855-d562-44eb-abfd-01fd63962fda
https://sync.1rx.io/usersync/bidswitch/2e863faa-4117-4926-82f0-b0f05af81357?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/2e863faa-4117-4926-82f0-b0f05af81357?zcc=1&dspret=0&cb=1620785341883
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

42 B
850 B

29ms
16ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
X-lat: amspug004:0:2364
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
date: Wed, 12 May 2021 02:09:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0f1f7a4acfb64fe4bba80fd07882d060003
content-type: text/html

GET rtset
bh.contextweb.com/bh/ Frame D8A1 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame D8A1 43 B
1 KB 974ms
15ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3DDD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=

35 B
237 B

42ms
39ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 02:08:53 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x27
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=93ce609b-38b1-4500-97af-85b0a122fbe3&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 02:08:52 GMT

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame 939D 85 B
154 B 111ms
105ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785330.655401,VS0,VE96
cache-control: no-cache
pragma: no-cache
content-length: 85

GET pixel
cm.g.doubleclick.net/ Frame CAC0 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0341 0
0

GET

/
de.tynt.com/deb/ Frame 4CB6
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 0A0A 70 B
264 B 201ms
31ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjys8HPs73KORAFOAFaC2FkY29uZHVjdG9yYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame ADF5 0
0 7892ms
9ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame 5D6C 0
0

GET cm
p.rfihub.com/ Frame 15DC 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 0913
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

835ms
36ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:49 GMT Wed, 12 May 2021 02:08:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame EB7F 0
0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 3447ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame A550 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame B967 43 B
1 KB 926ms
16ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=833d5157-34c2-00f4-156e-8b44b1991e19&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame B967 0
0

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame B967 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B967
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8153820788382730034
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8153820788382730034

43 B
106 B

367ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8153820788382730034
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8153820788382730034
date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B967 70 B
264 B 130ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=efd38f97-de76-3af9-52d2-3de2c928214b&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET pixel
cm.g.doubleclick.net/ Frame B967 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 13EE 43 B
1 KB 925ms
17ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=833d5157-34c2-00f4-156e-8b44b1991e19&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame 13EE 0
0

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 13EE 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 13EE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8898975458673937275
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8898975458673937275

43 B
106 B

368ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8898975458673937275
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8898975458673937275
date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 13EE 70 B
264 B 141ms
54ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=efd38f97-de76-3af9-52d2-3de2c928214b&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET pixel
cm.g.doubleclick.net/ Frame 13EE 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame A4F1 43 B
1 KB 911ms
15ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=833d5157-34c2-00f4-156e-8b44b1991e19&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame A4F1 0
0

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame A4F1 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A4F1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4672416737569210774
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4672416737569210774

43 B
243 B

366ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4672416737569210774
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4672416737569210774
date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A4F1 70 B
264 B 104ms
55ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=efd38f97-de76-3af9-52d2-3de2c928214b&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET pixel
cm.g.doubleclick.net/ Frame A4F1 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 8B8F 43 B
1 KB 925ms
14ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=833d5157-34c2-00f4-156e-8b44b1991e19&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame 8B8F 0
0

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 8B8F 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8B8F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=138700817122901300
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=138700817122901300

43 B
106 B

367ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=138700817122901300
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=138700817122901300
date: Wed, 12 May 2021 02:08:54 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8B8F 70 B
264 B 100ms
55ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=efd38f97-de76-3af9-52d2-3de2c928214b&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET pixel
cm.g.doubleclick.net/ Frame 8B8F 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame D3FF 0
0

GET
H3-29 200 container.html Show response
18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FBC 6 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pastebin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 02:08:46 GMT
expires: Thu, 12 May 2022 02:08:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 50B0 6 KB
6 KB 1067ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90900600&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f04883a22e6189721d7d87fa8d53db8c2a7a096c45481ec5b442779de8975da9

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:49 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame FFE4 87 KB
35 KB 31ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1620759185/adf050ece17b957604b4bbfc1829059f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8adafc935010c435160fcdb96288564bed0c425f18cd9040df43713c2964fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35502
x-xss-protection: 0
last-modified: Wed, 12 May 2021 00:23:24 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 May 2021 02:08:49 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0CCE
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=3879939630180998637

35 B
237 B

42ms
42ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=3879939630180998637
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: fdc07946-161e-4573-a6e0-8b2cb2406bf1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=3879939630180998637
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0CCE 43 B
145 B 10ms
8ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET redirectObuid
sync.outbrain.com/ Frame 0CCE 0
0

GET cm
us-u.openx.net/w/1.0/ Frame 0CCE 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 0CCE 43 B
168 B 3638ms
100ms Image
image/gif 3.225.15.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0CCE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A

35 B
237 B

545ms
55ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 12 May 2021 02:08:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Xq54HONE2pfceTMtQxrCC2rwoWaCqu_0Al2z~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 0CCE 0
0

GET services
sync.technoratimedia.com/ Frame 0CCE 0
0

GET 142
match.deepintent.com/usersync/ Frame 0CCE 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0CCE
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9&gdpr=1&gdpr_consent=&us_privacy=1---
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

35 B
238 B

591ms
32ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:58 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 98
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0CCE
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7

35 B
237 B

993ms
33ms

Image
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:51 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=189e3510-153e-4d8c-86a0-18276d89c3f7
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

match
ads.betweendigital.com/ Frame 0CCE
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2022572857
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=2022572857
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D...

0
0

GET rtset
bh.contextweb.com/bh/ Frame 0CCE 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 0CCE 0
299 B 735ms
55ms Image
image/avif 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=10065&uid=e_a99fda19-65e2-4122-9ec4-16d94cc68bb9
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 02:08:50 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET img
sync.mathtag.com/sync/ Frame B045 0
0

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame 1D6A 85 B
417 B 119ms
102ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YJs4sQAA5Ag6uwAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 12 May 2021 02:08:50 GMT
via: 1.1 varnish
x-served-by: cache-fra19151-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620785330.954330,VS0,VE96
cache-control: no-cache
pragma: no-cache
content-length: 85

GET pixel
cm.g.doubleclick.net/ Frame AC76 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A44A 0
0

GET /
ssc-cms.33across.com/ps/ Frame B95C 0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 45FB 70 B
265 B 2101ms
30ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=20cb7bc9-a44b-4632-bad6-7f9939c54c11; TDCPM=CAEYASABKAIyCwjys8HPs73KORAFOAFaC2FkY29uZHVjdG9yYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame D2A5 0
0 7600ms
9ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Wed, 12 May 2021 02:08:56 GMT
content-length: 0

GET idsync
tg.socdm.com/aux/ Frame CEDE 0
0

GET cm
p.rfihub.com/ Frame 9EEC 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5709
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum

35 B
237 B

883ms
33ms

Document
image/gif

52.212.126.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D10065%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-126-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Wed, 12 May 2021 02:08:51 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 12 May 2021 02:08:51 GMT Wed, 12 May 2021 02:08:51 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=dNJNV81d9pAn6RTC9QDk&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 3121ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9FBC 0
0 47ms
47ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSiPOsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBP0BT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvUrfJjZ2ZP0TAuPjtBrLJQPWhOAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjWACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTAzNTA4Nzc5MjY5Mjc3NQ&sigh=HQy3griUOFk
Requested by: Host: t.co
URL: https://t.co/9Vk8hb9h3x
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame C536 2 KB
2 KB 3071ms
15ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Requested by: Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 4060f1b4708b9b58ea5bcf43d8543c496a283511df995913247bf02b33a334c5

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: RTBUserId=ff60c67f-6142-4e7a-bd36-bbce98a85107
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.13.4
Date: Wed, 12 May 2021 02:08:53 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=4aba4bda-0a13-44b7-bb1e-ac05604d65ed; path=/; SameSite=None; secure; Expires=Thu, 12 May 2022 04:08:53 CEST RTBUserId-Old=4aba4bda-0a13-44b7-bb1e-ac05604d65ed; path=/; secure; Expires=Thu, 12 May 2022 04:08:53 CEST RTBUserId-Plain=4aba4bda-0a13-44b7-bb1e-ac05604d65ed; path=/; Expires=Thu, 12 May 2022 04:08:53 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 9FBC 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:12:28 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C991 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 May 2021 06:38:34 GMT
expires: Wed, 12 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 70216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FBC 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 02:08:50 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 9FBC 13 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 01:27:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9FBC 0
0 47ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQQKkdUsfjXuq1Wnc1-szHpcfyD0o-JUIB7Z0oCnnzzW19-Y_zf8E3r6TeKGy6CqCQvVpCvZBrXtBtNj3afp0WQGw-lQ
Requested by: Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9FBC 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 09:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59894
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 09:30:36 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame FFE4 48 KB
19 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6118
date: Wed, 12 May 2021 00:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 12 May 2021 02:26:52 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 3033ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 9FBC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a42630691dd9a9e70c70d3a8ce47baa885fe6f89f8dae8a2ffd18b325d8142

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame FFE4 1 B
406 B 406ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=462729829&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&ul=en-us&de=UTF-8&dt=Adx_smartbanner_pastebin.com_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=pastebin.com&cm=Adx_smartbanner&cc=Default&_u=YEBAAUABAAAAAC~&jid=1136808786&gjid=784861677&cid=1410753441.1620785330&tid=UA-128776493-28&_gid=2098393849.1620785330&_r=1&gtm=2ou550&z=1224547209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame C991
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELWTfp6a84dDFionGsXJEoA&google_push=AQvitUKBHvehR1-uw_iMh49xoi-93ehNI3psVCOvcPw1F8A9AFNYPWfm8t...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame C991
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9O3h4hixT22FhwII503kmg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame C991 0
0

GET

pixel
cm.g.doubleclick.net/ Frame C991
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ1A1EtFJCbGRhmMVouGlC4&google_cver=1&google_push=AQvitUIb74pO1-0IuuUO6VKF84hD6znNYgM1lb-QvmmEEROp80EPcwM1OUbHpFuOntsNQxtq4u_Q9qpv5F4Hhl6z4...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIb74pO1-0IuuUO6VKF84hD6znNYgM1lb-QvmmEEROp80EPcwM1OUbHpFuOntsNQxtq4u_Q9qpv5F4Hhl6z4_pmi_7JQFDn&google_hm=dfcd2b4a1a4d93e58baf189a

0
0

GET ebda
eb2.3lift.com/ Frame C991 0
0

GET sync
pixel.advertising.com/ups/58202/ Frame C991 0
0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame C991 43 B
396 B 471ms
14ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHpPgnSyFiSSSYlog4jVf7s&google_cver=1&google_push=AQvitULS4cE-KWv1vJ8gOw5uBe2X3ZvgUmUv79qAH168UGaRZDbeXlcPuHP6nTEKWDi7aToyAcjiUjOhiGzPd1RcNiZqMldSuwKq1w

Requested by

Host: 18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com
URL: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 13 May 2021 02:08:50 GMT

GET attr
cm.g.doubleclick.net/pixel/ Frame C991 0
0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 2646ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 2571ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET usersync.aspx
dis.criteo.com/dis/ Frame 20E9 0
0

GET pubmatic
d5p.de17a.com/getuid/ Frame F0D0 0
0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame AE11
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961219986191808665

42 B
771 B

279ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961219986191808665
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1622073600%3A35%7C1621641600%3A63%7C1621987200%3A161_8_22_71_166_55_13_21_3_231_165_99_204_56_88_220_234_230_176_54_7_81_189%7C1621382400%3A223_2_15_67%7C1623369600%3A203; KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:51 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6961219986191808665; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 02:08:51 GMT; path=/ PugT=1620785331; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 02:08:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 02:08:51 GMT; path=/
X-lat: amspug009:0:385
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 12 May 2021 02:08:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6961219986191808665; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961219986191808665

GET pm&gdpr=1&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 6EFA 0
0

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 9E38 43 B
408 B 173ms
14ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Wed, 12 May 2021 02:08:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0179
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=1

0
411 B

1867ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1622073600%3A35%7C1621641600%3A63%7C1621987200%3A161_8_22_71_166_55_13_21_3_231_165_99_204_56_88_220_234_230_176_54_7_81_189%7C1621382400%3A223_2_15_67%7C1623369600%3A203; KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-lat: amspug018:5:182
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Encoding: gzip

Redirect headers

set-cookie: viewer_token=57ca61f4-8115-4c48-a8cc-a40876db7a3c; path=/; domain=csync.loopme.me; Expires=Sat, 12-Jun-2021 02:08:51 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=1
content-length: 0
date: Wed, 12 May 2021 02:08:51 GMT
server: _

GET
H2

200

RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 5ABC
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=4899893815
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003&rndcb=4899893815
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=3d895cb7-9a6a-4e5e-a88e-62bb7c5096b9
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=3d895cb7-9a6a-4e5e-a88e-62bb7c5096b9
https://x.bidswitch.net/sync?dsp_id=4&user_id=c4c8dee9-1c18-42e7-8955-351738a65b63&ssp=adconductor&expires=30&user_group=5&bsw_param=3d895cb7-9a6a-4e5e-a88e-62bb7c5096b9
https://sync.1rx.io/usersync/bidswitch/3d895cb7-9a6a-4e5e-a88e-62bb7c5096b9?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

43 B
395 B

13ms
13ms

Document
image/gif

213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: Tengine
date: Wed, 12 May 2021 02:09:01 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003%22%7D; path=/; expires=Thu, 12 May 2022 02:09:01 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Wed, 12 May 2021 02:09:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-0f1f7a4a-cfb6-4fe4-bba8-0fd07882d060-003

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 3101
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=o2PoCJt186xWBRaFSaUJWyqg

42 B
775 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=o2PoCJt186xWBRaFSaUJWyqg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_153=19420-rdgUY6jQTzW22xs3-tkAM_7bGDm22kxkrtFzfuvU&KRTB&22979-rdgUY6jQTzW22xs3-tkAM_7bGDm22kxkrtFzfuvU; PUBMDCID=3; KRTBCOOKIE_188=3189-no-consent; PugT=1620785338
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:58 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-o2PoCJt186xWBRaFSaUJWyqg; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 02:08:58 GMT; path=/ PugT=1620785338; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 02:08:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 02:08:58 GMT; path=/
X-lat: lhrpug016:0:398
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Wed, 12 May 2021 02:08:58 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=o2PoCJt186xWBRaFSaUJWyqg; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=o2PoCJt186xWBRaFSaUJWyqg
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame E5E9 42 B
992 B 122ms
20ms Document
image/gif 2606:4700:3039::6815:c025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 12 May 2021 02:08:51 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09ffee939000004ed3cdbf6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019ff48bd4ed3-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 1D02
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
726 B

613ms
169ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aQnoeUo0P8uCmTNa4gZcrgwW8ZagSFmx4bRLvPyvAi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 12 May 2021 02:08:51 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aPnseFwZcF1eoXarpfrg5708bIlZaeZcTrmQ4vtUeVracPkZbGSg4ARF2eUuXNKncHA0jVTSM8R1ZddNHQpI5fDQT; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 02:08:51 GMT; SameSite=None; Secure; ANON_ID_old=aPnseFwZcF1eoXarpfrg5708bIlZaeZcTrmQ4vtUeVracPkZbGSg4ARF2eUuXNKncHA0jVTSM8R1ZddNHQpI5fDQT; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 02:08:51 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 09ffee95a300004ece8e1f1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e01a029f254ece-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 12 May 2021 02:08:51 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 94
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aQnoeUo0P8uCmTNa4gZcrgwW8ZagSFmx4bRLvPyvAi; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 02:08:51 GMT; SameSite=None; Secure; ANON_ID_old=aQnoeUo0P8uCmTNa4gZcrgwW8ZagSFmx4bRLvPyvAi; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 02:08:51 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09ffee933b00004e803404f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e019fecde54e80-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET rtset
bh.contextweb.com/bh/ Frame 1FCF 0
0

GET 141
match.deepintent.com/usersync/ Frame 3E08 0
0

GET
H/1.1 200
OK Cookie set merge Show response
ce.lijit.com/ Frame E3FA 43 B
3 KB 1075ms
15ms Document
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=71&3pid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _ljtrtb_10=1871878969969599729; ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D; ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=dfcd2b4a1a4d93e58baf189a; _ljtrtb_16=no-consent; _ljtrtb_87=a45e64a1-6c06-4f84-946e-49fdc5a36121; _ljtrtb_56=OPTOUT; _ljtrtb_86=dNJNV81d9pAn6RTC9QDk; _ljtrtb_85=AAHc0U7BNnEAACtmSG3f2A; _ljtrtb_84=c:2924306c0d996554e309867824bbf26b; _ljtrtb_36=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a; _ljtrtb_3=93ce609b-38b1-4500-97af-85b0a122fbe3; _ljtrtb_76=833d5157-34c2-00f4-156e-8b44b1991e19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 02:08:52 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_36=e_227d0bdb-5a1e-45f9-8ecd-e3c2f1bef11a;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=no-consent;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_84=c:2924306c0d996554e309867824bbf26b;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=93ce609b-38b1-4500-97af-85b0a122fbe3;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_85=AAHc0U7BNnEAACtmSG3f2A;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=dNJNV81d9pAn6RTC9QDk;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1871878969969599729;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_87=a45e64a1-6c06-4f84-946e-49fdc5a36121;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=833d5157-34c2-00f4-156e-8b44b1991e19;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=OPTOUT;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwVjstOQzEMRP%2FlrrEUO3YSd3cpCMSi5dGyRXluELdIdIf4dxzJG88ce%2BZ3kbDsluPz6Xg%2BLTeLt0V97cFpAZ8KAotzoDEPSFJcRqJRup%2FoPOwfRLG50gpIxm70UEi9Nui%2B0sDSB2I2Gie9XaBetp%2B%2BXU1JbErdkRJ7F6prqkGEu3eaQkzEpQwKZZJi5Lo%2BVneOt4ftfl3316%2B3Bz9one783A5Ph%2FeETb%2FXLbye9vpy9zm9aF5m6YEzgoUE4JEYlIN11dGqZB%2BQcDZ0xmKKNkmDlVFRjaRmxRmRvG%2BCEsFzJXBuMKDYm1SYC6piR13%2B%2FgH7OlMS;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:52 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_71=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:52 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsSgDAIRO%2BS2iIQfuvVHO%2FumLFhLR%2BEx5JryDgldFZKah1DNwpgeDGi8%2BqY0lkm9b%2FxhSm7T3oA%2BasUOSlC0Y6iTGXETkw%2B5XlKpPH9kJZvzn7TIp%2BRz9DZ6b23e%2B8HkTBPpw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 12-May-2022 02:08:52 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=dfcd2b4a1a4d93e58baf189a;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

GET pixel
cm.g.doubleclick.net/ Frame 50B0 0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 50B0 95 B
490 B 688ms
42ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=&cid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64e01a02bd694e50-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ffee95b200004e506e939000000001

GET info
uipglob.semasio.net/pubmatic/1/ Frame 50B0 0
0

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&addseg=11,34,40

7 B
123 B

94ms
21ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&addseg=11,34,40
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:55 GMT
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Wed, 12 May 2021 02:08:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&addseg=11,34,40
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET pixel
cm.g.doubleclick.net/ Frame 50B0 0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame 50B0 43 B
609 B 3857ms
17ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 11 May 2021 02:08:54 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 50B0 70 B
264 B 1055ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 50B0 0
331 B 617ms
21ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET img
sync.mathtag.com/sync/ Frame 50B0 0
0

GET getuid
ib.adnxs.com/ Frame 50B0 0
0

GET
H2 200 F4EDE1E2-18B1-4F6D-8587-0208E74DE49A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 50B0 43 B
838 B 270ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F4EDE1E2-18B1-4F6D-8587-0208E74DE49A?gdpr=1&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/58292/ Frame 50B0 0
234 B 327ms
9ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:52 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 50B0 43 B
145 B 900ms
9ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rdgUY6jQTzW22xs3-tkAM_7bGDm22kxkrtFzfuvU

42 B
843 B

3583ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rdgUY6jQTzW22xs3-tkAM_7bGDm22kxkrtFzfuvU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:55 GMT
X-lat: lhrpug005:0:474
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rdgUY6jQTzW22xs3-tkAM_7bGDm22kxkrtFzfuvU
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2471532957141241981&gdpr=1&gdpr_consent=&us_privacy=

1 B
727 B

103ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2471532957141241981&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:51 GMT
X-lat: amspug015:0:431
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2471532957141241981&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 12 May 2021 02:08:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJs4swAA7-KfFwA4&gdpr=1&gdpr_consent=

1 B
809 B

55ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJs4swAA7-KfFwA4&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:52 GMT
X-lat: amspug017:0:384
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1620785333.964865,VS0,VE89
x-served-by: cache-fra19125-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJs4swAA7-KfFwA4&gdpr=1&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:461ac1b7-6180-4f10-a969-4bdf33ae896b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

39ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:461ac1b7-6180-4f10-a969-4bdf33ae896b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
X-lat: amspug008:0:356
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:461ac1b7-6180-4f10-a969-4bdf33ae896b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 12 May 2021 02:09:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 50B0 0
104 B 262ms
64ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F4EDE1E2-18B1-4F6D-8587-0208E74DE49A&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

55ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:58 GMT
X-lat: lhrpug006:0:412
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:58 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5435704286177591948

42 B
505 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5435704286177591948
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
X-lat: amspug003:0:303
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: 8e90b9fd-51ca-4b8e-9d39-631b523ed40b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5435704286177591948
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 50B0
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b15469e-3b9f-4430-b79b-ead79b83ca19

42 B
790 B

1133ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b15469e-3b9f-4430-b79b-ead79b83ca19
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:51 GMT
X-lat: amspug019:0:405
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b15469e-3b9f-4430-b79b-ead79b83ca19
date: Wed, 12 May 2021 02:08:51 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 2149ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 2074ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FBC 42 B
501 B 541ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGMxuUO8VgcZJWFyLMMk0nngaRwmwnF3D3JdwMJCTpfxq0oGQyoUtJeDZnJ4xCjtCsMk2vdra68dRmK1CE--8DoIJGcZdA&sig=Cg0ArKJSzLB2l2jeYoRcEAE&cid=CAASF-RoScWrf3NaaWRIGGbFTO7dpWzmGUIQ&id=lidar2&mcvt=1001&p=600,0,1200,160&mtos=853,1001,1001,1001,1001&tos=853,148,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2821627711&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620785329889&dlt=110&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 02:08:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 1650ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 4111ms
98ms Image
text/plain 18.232.220.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1620785331596&eid=1865daa563621864
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.220.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-220-108.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 1578ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame EC3B 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 6E82 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame DA13 0
0

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 50B0 0
297 B 56ms
13ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:54 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame C536 3 KB
4 KB 3060ms
10ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:56 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&f...
https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UT...

552 B
966 B

1144ms
23ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 65bb97d0658313ed692da84b158faced5857b2318d5fc1235fa2d1120828c8c1

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:54 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

Redirect headers

date: Wed, 12 May 2021 02:08:53 GMT
server: openresty
access-control-allow-origin: https://pastebin.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
732 B 1207ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221908c513a4c6e847%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=dbd01b8f-df11-4d7b-9f8d-536e6a8bcc95&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

675b4ab0b6d8c759b112de66d4d17636acd4b0e0812f48d493cfbd3bf0bbd07e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
624 B 728ms
284ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:54 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YManrokPw7peBI2uMr1X9RFFxpJHZ7uQnQsRKih77H3ew2kRP9hZRgvcFQ7bBPMHtBTQ0Cpbd0f0uLIUQUE9OXc1%2B%2BoljTalXdCxH%2FUu86onvitmyK2aHVDKurC8tDb%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e01a10981ac2b8-FRA
cf-request-id: 09ffee9e5d0000c2b87e2fc000000001

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 251ms
15ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 156ms
13ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 9a57719b78d5eab8eab465a9c817ba245a960e9ed4ad08d0d0bff3f2b2849e9f

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:53 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
835 B 1197ms
8ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5213e5f0a9e8bb9f4e8aa5914ad65244fea696351fd5927aa4437a105389ae31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:54 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.238:80
AN-X-Request-Uuid: aea8a8ac-0aab-44e1-a185-0e44b6921507
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
841 B 1209ms
12ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

388ac3ebd19381907e54cab15f90c17ff3eda13258cba9be7649d1862cf1061f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:54 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.249:80
AN-X-Request-Uuid: 3cdc6914-5f1b-4638-ad6f-60f3809f261d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
3 KB 1198ms
34ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 41e4d5ec177ee3c5d8f8236ae0d1d761b4a8d54ca12fe41ce9fe144bd62debfa

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:54 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
542 B 206ms
80ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6887
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:53 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST prebid
prebid.ad.smaato.net/oapi/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 8116ms
65ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=5&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
via: 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XqQAD3ctVeOkIH9zhE2SdAv6eP2wpwXlIx3yIxN5bwtS3BsaXbPzLg==

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 3044ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 2970ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
88 B 299ms
99ms Image
text/plain 18.232.220.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1620785335409&eid=210cb1527a54fdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.220.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-220-108.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:08:55 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H/1.1 200
OK 4sxtd47yng2k Show response
ad.ad-srv.net/zone/ Frame C536 11 KB
4 KB 535ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146060%2526t%253D1620785333105%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38b1-0009-ce5c-0ae0-338379011f85%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: eb807e4f5d03eb7e2ae0959664a8a0df693280fc4406f5334cb285960a3d2007

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3517
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad6.ad-srv.net/ Frame C536
Redirect Chain

https://ad6.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=1e98f31c24&subid=&uid=805f419e091b5947&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
https://ad6.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=1e98f31c24&subid=&uid=805f419e091b5947&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...

0
548 B

58ms
36ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad6.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=1e98f31c24&subid=&uid=805f419e091b5947&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146060%2526t%253D1620785333105%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38b1-0009-ce5c-0ae0-338379011f85%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=4041128565486&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 37456600012550501324219011592006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:57 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=1e98f31c24&subid=&uid=805f419e091b5947&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D94859637%2526a%253D146060%2526t%253D1620785333105%2526l%253D412122%2526p%253D3%2526appid%253D%2526aa%253D609b38b1-0009-ce5c-0ae0-338379011f85%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F18f34aadf5b5bb994b05cb8f6a4026b6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastebin.com&random=4041128565486&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 12 May 2021 03:08:56 +0200

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame BB2F 91 KB
91 KB 33ms
15ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 499ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
1 KB 65ms
38ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d092c1395486776825a8b903e77d11e5c5c1859ba86fb60922e94ad18e7bdf48

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET bidRequest
c2shb.ssp.yahoo.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 552 B
872 B 1078ms
23ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 134ea7ec89671010853b3b9ea8fe10e17a8b3557ad439a71bf99c72772cb336a

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:58 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:08:58 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
732 B 1330ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22222fc45c3031e312%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=09eddee4-4e86-449d-b9e2-6d56d1ba33f1&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

22baff0536075ebb1965cfde0fe08125d746cb5a30f620c75dea2a50dee9e446

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:08:58 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
628 B 267ms
254ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gak8IKue%2BQTYZmEBzZeVZRQvBh%2FTsUq7qw%2FExY6DyqJwavjzkZUxaaSyupZ5vPwHZEIhvkHHKpPi%2BkJJzSydlOs9K20Q8ZIGle2GuLksmOLBY4SSAlaCIe2czHT5yGtRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e01a26e9244de2-FRA
cf-request-id: 09ffeeac5000004de20b35e000000001

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
551 B 1396ms
75ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2724
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:08:58 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 1050ms
13ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:58 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 591ms
31ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:08:57 GMT
X-SMT-SessionId: 2cac66b6-0138-4afe-99d0-8baee26d836e

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
362 B 1794ms
93ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:08:58 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 4
vary: origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 4115ms
66ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=6&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
via: 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Le_L_9tmvoByWZrqKXIkS2D2gm5ZSCZtV05IdGQ6qWqvd8oYpcOoBw==

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 56ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 65ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 9ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:57 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 10ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:58 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:58 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 27ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:59 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 27ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:08:59 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 9ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 5004 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=120&adFormat=2&adslotId=&siteId=94859637&bannerId=146056&e=3&p=YJs4rgAEJ38K4DYSAAdTFcRAC8iMWRdRf38m4A&penc=&bp=38462&a=609b38ae-0004-d37e-0a77-8b197d07aa5e&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU9iKrjibYP_OEJLsgAeVpp3AA-b-o_dcjsqU12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCNPy-p7hhtD7gAgCoAwGqBO4BT9Aj_FO6rx--Wd6-wKVk_QHgWb6qNw-m3Y9iZ7EA04uVwt27R-QzLbxpB63MD2RPYTc-k04BAwIPfbNRmXqu7W1KZlUkZ_zYMDQc8DMqxfp4TaXeULl01CtI7bRjz7c5lgYUgDwgIe2GKva8zgpqu0-mTd53Ntzf7HhxtZPmiJUlwBJovEv9CJu7gCWuK6Cx7-fCVe9_luJ4SriHZaTH14pONzplNukyVklZJWA73sEQqc1iZ3AEKCKtitMUlsp48arXv7gY_7OGDGQL59qa1ucBIlft9RKeLv060gwO8xCUuLBIltU5hl0aJCVP_uAEAYAG17OK4pyg7Y0RoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3lzqnVtqCuWcGpLDYdHBKEWxCwoA%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame EB36 0
119 B 9ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=94859637&bannerId=146072&e=3&p=YJs4rgAFR94K3rqFAAav9FkYZQcYFJ5HEd1p1w&penc=&bp=38462&a=609b38ae-0005-e22b-0ae0-25ca59038aa8&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=ff60c67f-6142-4e7a-bd36-bbce98a85107&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJUROrjibYN6PFYX1-gb035qYD-b-o_dc7ousiF_AjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBO4BT9ADU5AzNthOvMw2Es3jpsFQD0-wJZtsjm-Qk_Kunn48mjdnagmYB7DCC7Vcm9E79n2hk7NzlwRLyesKzpaMt6GcYZnkVgVPknUl7_EvIza6oPlPs1IrjmoSAvDWvqEfHC1oPsQEwFNGrsKUvUVHEIUnwPI7SwV5wBA7YbNm46prx-jTXVb2WL_cOlnns4jLFEVQx14uACX1tC_tNSVZmcbf7jKFjYB_zrN8HoVnrT4IvXvDWviaOdShhhHHBfaSDSG8S9V6zAiShG2C9kKspybNESyWCyCMyKV21LsOfpz4Gmi6Ce59ow_AjHR7_-AEAYAGnPah-N7y5czxAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi03OTA0OTAxODY5OTc3NzY1-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_021CBPoQadwF5MZZcOsjeb7Vf6jQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 15ms
14ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:00 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 14ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:01 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
755 B 64ms
38ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b326da73a94b59a33992bebdcc49a7ebc59c73942fc2f9952a612ed2bfcf4a1

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
840 B 24ms
11ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a8141df82207a29b265ad53f721d99b07c0aacdfc8c4d8574eaedac6741a3132

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:01 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.203:80
AN-X-Request-Uuid: e857b5e6-fd07-471e-a1de-1c695e2f4e5b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
730 B 36ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22241e84c2d4e28fe1%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=7875bca3-023e-4cae-a830-c2018b52cc6c&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

3ebe93ad70b4b586eb736c0203d7fce582262c418ac6880a0c2a782399f24f8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
835 B 19ms
7ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fec64af88fc7bcc16bcf6905ce63755161a1ed39c6dae54cbce46adbb601df21

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:01 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid: 361e2636-7128-4912-97c4-86972b8f6a0a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
258 B 99ms
99ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:01 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 10
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
390 B 212ms
212ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://pastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8jujVhNBnwKvR9TQqiypNkih%2F8MYhX7k0PdLkNliFVgr4mRQDjGtJ5ahV34LgPzXeRcc4ILaT0eI6W1jFt2diCE5%2BN%2FTu0IIgjKvaM3nJVojZ5op4th63R62oOZ0Z6ExeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 64e01a3fdd854de2-FRA
cf-request-id: 09ffeebbe500004de21f9fa000000001

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
550 B 58ms
58ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2337
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 32ms
32ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:09:00 GMT
X-SMT-SessionId: 3e2ca650-5242-44f4-8063-d920d5f6e9b1

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 13ms
13ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 0ab758d6645a00d5f3daf548c46ae08f045ee31cf98fad0f8c1a6f6633283b76

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&f...
https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UT...

552 B
964 B

25ms
25ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 77bbe1ef00ef4a745d2eb1987fb3214dcc30c0a06b1081f08de8edb64b3f804a

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:09:01 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

Redirect headers

date: Wed, 12 May 2021 02:09:01 GMT
server: openresty
access-control-allow-origin: https://pastebin.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/pastebin.com/ROS?ct=1&rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 113ms
65ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=7&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:09:01 GMT
via: 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vufyt7a-ro3bZs_ciR5HmjDILS7TqZfaL2CJahoNaPyxWtkP5VzAEw==

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame BB2F 0
119 B 10ms
9ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=94859637&bannerId=146060&e=3&p=YJs4sQAJEF4Ke4WYAAJxLUjnOX2KUtSRZ5LiZg&penc=&bp=38462&a=609b38b1-0009-ce5c-0ae0-338379011f85&n=1&geo=412122&rawURL=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&rawReferrerURL=&uid=4aba4bda-0a13-44b7-bb1e-ac05604d65ed&euid=CAESEGMj64v031Bt0oo0R_6b3qI&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4BOAOjoA4BmPshQQcReJQDOOGgFNiAISoATGVgC0AdQA-eHDhkBbAEYy8bJjTgAWHpwDsANgd2AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIedJsTibYN6gJJiL7gOt4onIBeb-o_dc7s2U12nAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItOTAzNTA4Nzc5MjY5Mjc3NcgBCakCKsu9ywlitD7gAgCoAwGqBIACT9BhcK85DKNHSWA0lpxN-udx7tQwgqbRRiAzhTtybhAKqcnQVedAnY0pcIWXldI7zYwGq7B_W-KpDTYZQLZNzigugTVZNe6QdvcV96GelsKXvTSZe5w1UMrbjvjFZWB7D_jOa_K1iU1zXfdX_kmhZP-8J2xLF-LvH2CvNedwr2oo22CiwIHnJTi10b-iFiLHdKcA-CYLgLDGGXncRfqdNK8pER_lNa_864w1lV4G5T7wqroWAw-HCEQvOfFt-4qtpbonLrsqtiSyiCUNIfn3KMSr_VOfCxh-Zel0CbpmUf4DHjYMQA-FyCuqvQjdK6T8hTsr_iWqP8TlqvWskGF--OAEAYAGjs2xk9b3yuRJoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc5MDQ5MDE4Njk5Nzc3NjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zoaOZEDT6gMwa9vaq8FmJSovGaQ%26client%3Dca-pub-9035087792692775%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
643 B 36ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2225877f66745a73e2%22%3A%22d398e3afd25fd75bf33c%7C728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=301c2c58-d972-47c2-bb1a-be5bcc32b296&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

6bbb529278781f3accbb0609d331762dc8c365883a3ba99fb42a0f4ef3affc10

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST quantumdex
useast.quantumdex.io/auction/ 0
0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 14ms
14ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a43018b007d&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: deda5e5bc98f75d21c605f1a33c3aea632a30bc8789a84adeeb75163cae86ed5

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 28ms
13ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: d0a1deda9d132ab5bfc03e9577118c8e20548ca61477e25310d3619927a28a80

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 14ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 551 B
870 B 21ms
21ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 8ad29cae1b5f42a2eeac6db7e53af4efede3e4ab72aa423158a0937653431048

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:02 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:09:02 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 551
x-sid: AMS-602

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
834 B 7ms
7ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

14b36fbbf969be12200341c9ade54d5e4b34f41ee8f1b04cbdd3d38018634405

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.105:80
AN-X-Request-Uuid: a5cbcb85-91a4-4f17-affb-9496708b2df4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
541 B 86ms
86ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4574
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:02 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
139 B 94ms
93ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 5
vary: origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
757 B 40ms
40ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: c9a4f68c179702e1e1cc54007633dfb293a96875b1db3c47a27f2013a3a79598

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:01 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
841 B 12ms
12ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c27db163d547811b78f1e4c5643e814cb4fdc87e6202214f803fc082c915d84a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: 7b1cf6e4-9aac-4d10-aad5-027fa674db87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 31ms
31ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:09:01 GMT
X-SMT-SessionId: 5a1a27a0-ed7c-4437-9f11-c9e053864d95

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 58 B
403 B 71ms
70ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&pr=https%3A%2F%2Ft.co%2F&pid=jVLFtIbQ28tvR&cb=8&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C4734%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e1fb10d90113ff29ff9d0bc6babc2011fd95c267e0508b1d9c4ce1da683dc526

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 02:09:02 GMT
via: 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 58
x-amz-cf-id: q40bQwEg5K0LgfnmymwVxyURe2-bqxYht9nreYoeIAOt7JHFKqgzBg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
840 B 31ms
31ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f76b52eddc45d172a94c63c7953c57e051e4518aeebb8da787cd634f8836d551

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: 6078b56c-b52f-48aa-9cf2-132b29e7c62a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
541 B 74ms
74ms XHR
application/json 52.48.100.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5060
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.100.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-100-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf2cdef54772b1204773e9534ce2ba2cfd29a55f65e10587a590bed98b5ca17

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:02 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
744 B 13ms
12ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: d31cfade69fcb4652c08469a860e67ddd0d0a0a0f2ddfcb6671ab0eddeaf4ea9

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
835 B 7ms
7ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

590c6aa1cde77d98e873944f0cf57478e258b0378dd6b8b964dc6508b16fffaf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 02:09:02 GMT
X-Proxy-Origin: 159.48.53.198; 159.48.53.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.154:80
AN-X-Request-Uuid: 2f9b2af0-5989-4244-bbf3-0ab13d17b3a9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST quantumdex
useast.quantumdex.io/auction/ 0
0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
757 B 35ms
35ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 94201a7e5fc16516d40a88e5cdbe9a88eb7c0fe1a523231c920529f4d664583d

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 02:09:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 33ms
33ms XHR
text/plain 54.216.200.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.200.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-200-99.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Wed, 12 May 2021 02:09:01 GMT
X-SMT-SessionId: 5cdbf757-6162-4920-962f-493efbd58584

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
115 B 92ms
92ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:01 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 13ms
13ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Wed, 12 May 2021 02:09:02 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ 552 B
871 B 28ms
27ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/pastebin.com/ROS?rnd=0.36434071773842525&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&r=pbjs&pbv=4.36.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 8809d88486447e17da8c83adaeb1c78ebbfd65ab02ce4eaa450eda65cf58ccaa

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 02:09:02 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://pastebin.com
expires: Wed, 12 May 2021 02:09:02 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
643 B 35ms
35ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223050baa51209a59f%22%3A%22d398e3afd25fd75bf33c%7C160x600%2C120x600%7Cf%3D0.01%22%7D&ref=https%3A%2F%2Fpastebin.com%2FFMmQ5FdC&s=e041d3c9-1b26-4d56-871a-486be17e8c06&pv=f252d050-b2f2-41ec-8c2f-5996028d051e&vp=desktop&lib_name=prebid&lib_v=4.36.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%224734%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/pastebin.com/prebid-new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS