www.paymode.com Open in urlscan Pro
69.84.84.173  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=YAJjhlIuQQCvEZUaVX-dWA HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEPu-89cdPorL4-1UQTa_RXQ&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=YAJjhlIuQQCvEZUaVX-dWA

Request Chain 27

• https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8371488936781314676

Request Chain 30

• https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58

Request Chain 31

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58&C=1

Request Chain 32

• https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1&verify=true

Request Chain 34

• https://x.bidswitch.net/sync?dsp_id=80&user_id=60026386-522e-4100-af11-951a557f9d58&expires=30 HTTP 302
• https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=60026386-522e-4100-af11-951a557f9d58&dsp_id=80&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 37

• https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
• https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESECOY3El5k0xtTcMx31YBkPg&google_cver=1

Request Chain 38

• https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58

Request Chain 43

• https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external HTTP 302
• https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external

Request Chain 44

• https://sync.search.spotxchange.com/partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58&__user_check__=1&sync_id=5810fe13-7015-11ed-984f-13ae17dc0206

Request Chain 48

• https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58&nut&uu=3fdbc7d2d4e84976b923068abe16a751

Request Chain 49

• https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58&ang_testid=1

Request Chain 51

• https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

Request Chain 52

• https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58 HTTP 303
• https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58&_li_chk=true&previous_uuid=0c0048bd230c47b182ac14cbfadee727 HTTP 303
• https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58

Request Chain 53

• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58&ct=y

Request Chain 54

• https://dpm.demdex.net/ibs:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58

Request Chain 55

• https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=60026386-522e-4100-af11-951a557f9d58 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1669747249410&ip=185.213.155.169&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D HTTP 302
• https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request UMASS Show response www.paymode.com/	7 KB 7 KB	432ms 104ms	Document text/html	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Full URL https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 24584cee42496fa540ef7fcf6d9cf2e14c88c493107d06128053693a00571be5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-language de-DE content-length 6673 content-type text/html;charset=UTF-8 date Tue, 29 Nov 2022 18:40:45 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 4 x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	190 KB 69 KB	143ms 57ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-940292856 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b3c25a30f4845ed54d91c28ddaf880bc290492aa68643f627d061b23e47f7ea5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69885 x-xss-protection 0 last-modified Tue, 29 Nov 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 29 Nov 2022 18:40:45 GMT
GET H/1.1	200 OK	js Show response pixel.mathtag.com/event/	1 KB 2 KB	235ms 54ms	Script text/javascript	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?mt_id=1563635&mt_adid=248753&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master zrh-pixel-x31 config:1.0.0 / Resource Hash 8993a6866d1186a5b2e9a5ff6654b31f267a4db9b42a8b5d9295aa076dab8b38 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:45 GMT Server MT3 169 32252b7 master zrh-pixel-x31 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type text/javascript Cache-Control no-cache Connection keep-alive Content-Length 1493 Expires Tue, 29 Nov 2022 18:40:44 GMT
GET H/1.1	200 OK	styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/css/	4 KB 5 KB	104ms 103ms	Stylesheet text/css	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Full URL https://www.paymode.com/css/styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 247026d70ad5b16d972e8206beb6df413895e7a6137daec1cc376ae7b25a5b2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type text/css x-envoy-upstream-service-time 2 accept-ranges bytes content-length 4206 x-xss-protection 1; mode=block
GET H/1.1	200 OK	styles_glu.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/css/	162 KB 163 KB	204ms 99ms	Stylesheet text/css	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Full URL https://www.paymode.com/css/styles_glu.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 3a63593279c3399db48f419c5ecca2f02d895ad10544970d443602afa676b500 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type text/css x-envoy-upstream-service-time 3 accept-ranges bytes content-length 165964 x-xss-protection 1; mode=block
GET H/1.1	200 OK	respond.min.js;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Show response www.paymode.com/js/	4 KB 5 KB	291ms 101ms	Script application/javascript	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Full URL https://www.paymode.com/js/respond.min.js;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type application/javascript x-envoy-upstream-service-time 2 accept-ranges bytes content-length 4591 x-xss-protection 1; mode=block
GET H/1.1	200 OK	pmx_logo.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	3 KB 4 KB	99ms 98ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/pmx_logo.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 8c1d5e716c2ffc6a0ad845a41b1b8face01a878f50e72d56e2befe462c560d64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 3477 x-xss-protection 1; mode=block
GET H/1.1	200 OK	umass.bmp;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/logos/	13 KB 13 KB	98ms 98ms	Image image/bmp	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/logos/umass.bmp;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 0f84a95a3bdd5f477f82a7417ae0af500874f00f5e80cc957e3ae0c572f8f491 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/bmp x-envoy-upstream-service-time 2 accept-ranges bytes content-length 13302 x-xss-protection 1; mode=block
GET H/1.1	200 OK	benefit_1.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	3 KB 3 KB	98ms 98ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/benefit_1.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash a05e844161b1a6e713432850f8f0580e28cddfb5a8c5e9b735e4c5c81cf15e12 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 2961 x-xss-protection 1; mode=block
GET H/1.1	200 OK	benefit_2.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	3 KB 3 KB	108ms 108ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/benefit_2.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash cbc0b6069b47e003d89b6c962718176793d065dd396f530ee874c8b403a14f2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 2888 x-xss-protection 1; mode=block
GET H/1.1	200 OK	benefit_3.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	3 KB 3 KB	117ms 116ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/benefit_3.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 0162130303a513ee83b9e945aba7fc56649ea4dd112dd75936b5a9788ab568d9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 4 accept-ranges bytes content-length 2822 x-xss-protection 1; mode=block
GET H/1.1	200 OK	screenshots.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	52 KB 53 KB	116ms 108ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/screenshots.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 8d9ce1eeaa9350acd97c590cb86e2a10a39f8bf297ac6ebd4ea9c53cb446a4bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 53639 x-xss-protection 1; mode=block
GET H/1.1	200 OK	phone_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	2 KB 2 KB	299ms 100ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/phone_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 44d23855ba7f7b0f44497f6f77999aa6cecc915c48d119c358ca2d35fca41816 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 1611 x-xss-protection 1; mode=block
GET H/1.1	200 OK	email_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	2 KB 2 KB	300ms 99ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/email_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 9e3d71f904e1f9d90381ac5a5f0518eb1e0e4b72506e71e152a76fb7c838aa16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 1743 x-xss-protection 1; mode=block
GET H/1.1	200 OK	address_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	1 KB 2 KB	305ms 98ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/address_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 4ffa5aec81c7c7d666ed6b08c96199411eba8e16330be5e2184f2c823a17db1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 1 accept-ranges bytes content-length 1533 x-xss-protection 1; mode=block
GET H/1.1	200 OK	search_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	2 KB 2 KB	280ms 101ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/search_icon.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash de400ac561de8dc674de033f70dae30f7268f9e6ccdc383f42ca471c63d14f60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 1755 x-xss-protection 1; mode=block
GET H/1.1	200 OK	powered_bt.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 www.paymode.com/images/dividends/	3 KB 4 KB	281ms 102ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/powered_bt.jpg;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 128d582ce1db492a0a3c459b3083416fa06edc70df95cd1f7d0bf7ae35a09568 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/UMASS User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 2 accept-ranges bytes content-length 3287 x-xss-protection 1; mode=block
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/	2 KB 1 KB	138ms 53ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/?random=1669747245597&cv=11&fst=1669747245597&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paymode.com%2FUMASS&tiba=The%20University%20of%20Massachusetts%20Chooses%20Paymode-X&auid=1648450009.1669747246&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-940292856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ced9306ced63e445a6fa4a6b12e617d7297da8324080b264c1c95d6ad59e0b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:46 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 898 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	iframe Show response pixel.mathtag.com/sync/ Frame 3C3F	7 KB 2 KB	58ms 57ms	Document text/html	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/event/js?mt_id=1563635&mt_adid=248753&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x25 config:1.0.0 / Resource Hash dfec16edfc31be91ac1a3964873f15fe47296740a9ddb3754b8b17e65853c62d Request headers Referer https://www.paymode.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Length 2135 Content-Type text/html Date Tue, 29 Nov 2022 18:40:45 GMT Expires Tue, 29 Nov 2022 18:40:44 GMT P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 169 32252b7 master cdg-pixel-x25 config:1.0.0 Vary Accept-Encoding
GET H/1.1	200 OK	img pixel.mathtag.com/comp/	0 480 B	28ms 28ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0 Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:45 GMT Server MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 0 Expires Tue, 29 Nov 2022 18:40:44 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 3C3F	43 B 516 B	222ms 222ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mop_seq=0:30&mt_cb=291166&mop_top= Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:45 GMT Server MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:44 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/comp/ Frame 3C3F	0 480 B	38ms 26ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0 Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x33 config:1.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:45 GMT Server MT3 169 32252b7 master cdg-pixel-x33 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 0 Expires Tue, 29 Nov 2022 18:40:44 GMT
GET H/1.1	200 OK	bg_graphic.jpg www.paymode.com/images/dividends/	3 KB 3 KB	194ms 96ms	Image image/jpeg	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/bg_graphic.jpg Requested by Host: www.paymode.com URL: https://www.paymode.com/css/styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 9d022d715f5ec4e3189bf0498874aacdb938ee093ffde11a691c376c0133f877 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/css/styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/jpeg x-envoy-upstream-service-time 1 accept-ranges bytes content-length 2614 x-xss-protection 1; mode=block
GET H/1.1	200 OK	white_check.png www.paymode.com/images/dividends/	1 KB 2 KB	181ms 97ms	Image image/png	69.84.84.173 BT-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.paymode.com/images/dividends/white_check.png Requested by Host: www.paymode.com URL: https://www.paymode.com/css/styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.84.84.173 Portsmouth, United States, ASN46646 (BT-ASN, US), Reverse DNS Software istio-envoy / Resource Hash 5babe4273475b3ddeab0fbc9458d66b83e7224d4c2628ccb31a8fc087c3b7896 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/css/styles_new.css;jsessionid=D5C2C0948B535B1D49D3703B52CB1629 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:45 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 16 Nov 2022 17:54:30 GMT server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type image/png x-envoy-upstream-service-time 2 accept-ranges bytes content-length 1224 x-xss-protection 1; mode=block
GET H2	200	/ www.google.com/pagead/1p-user-list/940292856/	42 B 548 B	141ms 53ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/940292856/?random=1669747245597&cv=11&fst=1669744800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.paymode.com%2FUMASS&tiba=The%20University%20of%20Massachusetts%20Chooses%20Paymode-X&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2164262205&rmt_tld=0&ipr=y Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:46 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/940292856/	42 B 548 B	134ms 51ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/940292856/?random=1669747245597&cv=11&fst=1669744800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.paymode.com%2FUMASS&tiba=The%20University%20of%20Massachusetts%20Chooses%20Paymode-X&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2164262205&rmt_tld=1&ipr=y Requested by Host: www.paymode.com URL: https://www.paymode.com/UMASS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.paymode.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:46 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 3C3F	0 239 B	54ms 8ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=60026386-522e-4100-af11-951a557f9d58&expires=28 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 8f052d4f888ae4e0626c5f819879cacd P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 3C3F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=YAJjhlIuQQCvEZUaVX-dWA https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEPu-89cdPorL4-1UQTa_RXQ&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=YAJjhlIuQQCvEZUaVX-dWA	170 B 243 B	51ms 50ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=YAJjhlIuQQCvEZUaVX-dWA Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:46 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 29 Nov 2022 18:40:46 GMT Server MT3 169 32252b7 master cdg-pixel-x16 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=YAJjhlIuQQCvEZUaVX-dWA P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Tue, 29 Nov 2022 18:40:45 GMT
GET H/1.1	200 OK	img sync.mathtag.com/sync/ Frame 3C3F Redirect Chain https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8371488936781314676	43 B 429 B	21ms 21ms	Image image/gif	185.29.134.244 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8371488936781314676 Protocol HTTP/1.1 Server 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:49 GMT Server MT3 169 32252b7 master cdg-pixel-x30 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 43 Expires Tue, 29 Nov 2022 18:40:48 GMT Redirect headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT AN-X-Request-Uuid c7cf0341-3ab8-487d-af1b-0a29d40df0ac Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8371488936781314676 Connection keep-alive X-Proxy-Origin 185.213.155.169; 185.213.155.169; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 3C3F	42 B 553 B	402ms 17ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA=&piggybackCookie=uid:60026386-522e-4100-af11-951a557f9d58 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 29 Nov 2022 18:40:49 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 3C3F	43 B 273 B	429ms 42ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=536872786&val=60026386-522e-4100-af11-951a557f9d58 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:49 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	match ad.360yield.com/ul_cb/ Frame 3C3F Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58 https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58	43 B 443 B	33ms 32ms	Image image/gif	54.220.31.180 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58 Protocol H2 Server 54.220.31.180 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-220-31-180.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers access-control-allow-origin * date Tue, 29 Nov 2022 18:40:49 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=60026386-522e-4100-af11-951a557f9d58 date Tue, 29 Nov 2022 18:40:49 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3C3F Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58&C=1	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=3&external_user_id=60026386-522e-4100-af11-951a557f9d58&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55938/ Frame 3C3F Redirect Chain https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1 https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1&verify=true	0 121 B	11ms 11ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1&verify=true Protocol H2 Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.25 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55938/sync?uid=60026386-522e-4100-af11-951a557f9d58&_origin=1&verify=true date Tue, 29 Nov 2022 18:40:49 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	4448 stags.bluekai.com/site/ Frame 3C3F	62 B 459 B	759ms 371ms	Image image/gif	104.76.200.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/4448?id=60026386-522e-4100-af11-951a557f9d58 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-76-200-221.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Tue, 29 Nov 2022 18:40:49 GMT content-length 62 content-type image/gif
GET H/1.1	200 OK	bswsync crb.kargo.com/api/v1/ Frame 3C3F Redirect Chain https://x.bidswitch.net/sync?dsp_id=80&user_id=60026386-522e-4100-af11-951a557f9d58&expires=30 https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=60026386-522e-4100-af11-951a557f9d58&dsp_id=80&krg_ids=&gdpr=&gdpr_consent=&us_privacy=	43 B 360 B	54ms 8ms	Image image/gif	18.158.116.121 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=60026386-522e-4100-af11-951a557f9d58&dsp_id=80&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 18.158.116.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-116-121.eu-central-1.compute.amazonaws.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT X-Accel-Expires 0 Vary Origin Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate, private, max-age=0 Connection keep-alive Krk-Reject-Reason consent Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers location //crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=60026386-522e-4100-af11-951a557f9d58&dsp_id=80&krg_ids=&gdpr=&gdpr_consent=&us_privacy= date Tue, 29 Nov 2022 18:40:49 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 3C3F	43 B 655 B	23ms 19ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mop_seq=10:30&mt_cb=809896&mop_top=9:1669745785|4:1669745785|13:1669745785|3:1669745785|5:1669745785|276:1669745785|15:1669745785|21:1669745785|10010:1669745785|46:1669745785| Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x16 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:48 GMT Server MT3 169 32252b7 master cdg-pixel-x16 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:47 GMT
GET H2	451	361087.gif idsync.rlcdn.com/ Frame 3C3F	0 98 B	428ms 41ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/361087.gif?partner_uid=60026386-522e-4100-af11-951a557f9d58 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	img pixel.mathtag.com/sync/ Frame 3C3F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESECOY3El5k0xtTcMx31YBkPg&google_cver=1	43 B 404 B	23ms 22ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESECOY3El5k0xtTcMx31YBkPg&google_cver=1 Protocol HTTP/1.1 Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x35 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:48 GMT Server MT3 169 32252b7 master cdg-pixel-x35 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:47 GMT Redirect headers pragma no-cache date Tue, 29 Nov 2022 18:40:48 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESECOY3El5k0xtTcMx31YBkPg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 306 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	check pixel.tapad.com/idsync/ex/receive/ Frame 3C3F Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58	95 B 122 B	73ms 40ms	Image image/png	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58 Protocol H3 Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Tue, 29 Nov 2022 18:40:49 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=60026386-522e-4100-af11-951a557f9d58 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame 3C3F	49 B 535 B	433ms 104ms	Image image/gif	69.166.1.12 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.166.1.12 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-152 Content-Type image/gif P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	user-registering ads.stickyadstv.com/ Frame 3C3F	43 B 700 B	463ms 17ms	Image image/gif	2.21.20.202 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=60026386-522e-4100-af11-951a557f9d58&redirectId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.21.20.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-202.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT Server nginx Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 x-sticky-vk 1669747249542027-518 Expires Tue, 29 Nov 2022 18:40:49 GMT
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame 3C3F	0 311 B	63ms 14ms	Image text/plain	216.52.2.19 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=3&3pid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Expires Fri, 20 Mar 2009 00:00:00 GMT Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT X-MERGE GDPR Optout true Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap4ams1 P3P CP="CUR ADM OUR NOR STA NID"
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 3C3F	43 B 163 B	57ms 17ms	Image image/gif	185.86.137.133 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=25&partneruserid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:48 GMT transfer-encoding chunked content-type image/gif
GET H/1.1	200 OK	info2 uip.semasio.net/mediamath/1/ Frame 3C3F Redirect Chain https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external	42 B 254 B	859ms 859ms	Image image/gif	77.243.60.138 NETIC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external Protocol HTTP/1.1 Server 77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK), Reverse DNS Software / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers access-control-allow-origin * uip-response-status FallbackResponse date Tue, 29 Nov 2022 18:40:58 GMT frontend-id 15 content-length 42 routing-server-id -1 content-type image/gif Redirect headers pragma no-cache date Tue, 29 Nov 2022 18:40:57 GMT frontend-id 0 p3p policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" location /mediamath/1/info2?sType=sync&sExtCookieId=60026386-522e-4100-af11-951a557f9d58&sInitiator=external uip-response-status Ok cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-origin * content-length 0 routing-server-id -1 expires Sat, 01 Jan 2011 12:00:00 GMT
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 3C3F Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58 https://sync.search.spotxchange.com/partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58&__user_check__=1&sync_id=5810fe13-7015-11ed-984f-13ae17dc0206	43 B 549 B	17ms 17ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58&__user_check__=1&sync_id=5810fe13-7015-11ed-984f-13ae17dc0206 Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:49 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 113 Connection keep-alive Content-Length 43 Redirect headers Date Tue, 29 Nov 2022 18:40:49 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location /partner?adv_id=6653&uid=60026386-522e-4100-af11-951a557f9d58&__user_check__=1&sync_id=5810fe13-7015-11ed-984f-13ae17dc0206 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 43 Connection keep-alive Content-Length 0
GET H2	200	mw mwzeom.zeotap.com/ Frame 3C3F	95 B 383 B	58ms 40ms	Image image/png	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=60026386-522e-4100-af11-951a557f9d58&env=mWeb&zpartnerid=979&zdid=979 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare vary Origin content-type image/png access-control-allow-origin https://pixel.mathtag.com access-control-allow-credentials true cf-ray 771d795359a8927f-FRA access-control-allow-headers * content-length 95
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 3C3F	43 B 810 B	22ms 22ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mop_seq=20:30&mt_cb=311818&mop_top=9:1669745785|4:1669745785|13:1669745785|3:1669745785|5:1669745785|276:1669745785|15:1669745785|21:1669745785|10010:1669745785|46:1669745785|10017:1669745785|10074:1669745785|10072:1669745785|42:1669745785|44:1669745785|17:1669745785|39:1669745785|10041:1669745785|30:1669745785|10092:1669745785| Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x10 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:49 GMT Server MT3 169 32252b7 master cdg-pixel-x10 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:48 GMT
GET H2	204	/ loadm.exelator.com/load/ Frame 3C3F	0 324 B	191ms 70ms	Image text/plain	34.254.143.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=101&buid=60026386-522e-4100-af11-951a557f9d58&j=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-143-3.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
GET H2	200	tpui ih.adscale.de/adscale-ih/ Frame 3C3F Redirect Chain https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58 https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58&nut&uu=3fdbc7d2d4e84976b923068abe16a751	49 B 332 B	8ms 8ms	Image image/gif	18.192.184.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58&nut&uu=3fdbc7d2d4e84976b923068abe16a751 Protocol H2 Server 18.192.184.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-192-184-196.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Tue, 29 Nov 2022 18:40:49 GMT content-length 49 content-type image/gif Redirect headers location https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=60026386-522e-4100-af11-951a557f9d58&nut&uu=3fdbc7d2d4e84976b923068abe16a751 date Tue, 29 Nov 2022 18:40:49 GMT content-length 0
GET H3	200	sync ad.sxp.smartclip.net/ Frame 3C3F Redirect Chain https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58 https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58&ang_testid=1	42 B 60 B	56ms 22ms	Image image/gif	35.186.194.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58&ang_testid=1 Protocol H3 Server 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.194.186.35.bc.googleusercontent.com Software openresty/1.19.9.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 18:40:49 GMT via 1.1 google server openresty/1.19.9.1 p3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/gif access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers date Tue, 29 Nov 2022 18:40:49 GMT via 1.1 google server openresty/1.19.9.1 p3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=60026386-522e-4100-af11-951a557f9d58&ang_testid=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	usync su.addthis.com/red/ Frame 3C3F	0 95 B	1088ms 314ms	Image text/plain	23.35.236.122
General Check archive.org Show headers Download Go to Show image Full URL https://su.addthis.com/red/usync?pid=11112&puid=60026386-522e-4100-af11-951a557f9d58 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.236.122 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:50 GMT cache-control max-age=0, no-cache, no-store, no-transform
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 3C3F Redirect Chain https://usermatch.krxd.net/um/v2?partner=mediamath https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath	0 338 B	159ms 28ms	Image text/plain	34.248.152.66
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath Protocol H2 Server 34.248.152.66 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-served-by beacon-n024-dub-prod.krxd.net date Tue, 29 Nov 2022 18:40:49 GMT cache-control private, no-cache, no-store x-request-time D=34 t=1669747249 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath date Tue, 29 Nov 2022 18:40:49 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a010-ash-prod.krxd.net
GET H/1.1	200 OK	37464 i6.liadm.com/s/ Frame 3C3F Redirect Chain https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58 https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58&_li_chk=true&previous_uuid=0c0048bd230c47b182ac14cbfadee727 https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58	43 B 436 B	324ms 107ms	Image image/gif	2600:1f18:ed:550e:f30a:a9f9:b22a:c32a
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Server 2600:1f18:ed:550e:f30a:a9f9:b22a:c32a -, , ASN (), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:50 GMT Cache-Control no-store Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 43 Request-Time 0 Content-Type image/gif Redirect headers Location https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=60026386-522e-4100-af11-951a557f9d58 Date Tue, 29 Nov 2022 18:40:49 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 5
GET H2	200	qmap sync.crwdcntrl.net/ Frame 3C3F Redirect Chain https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58 https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58&ct=y	49 B 542 B	37ms 37ms	Image image/gif	3.248.128.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58&ct=y Protocol H2 Server 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-128-187.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 18:40:49 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.17.94 content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 29 Nov 2022 18:40:49 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60026386-522e-4100-af11-951a557f9d58&ct=y cache-control no-cache x-server 10.45.22.51 content-length 0 expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 3C3F Redirect Chain https://dpm.demdex.net/ibs:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58	42 B 940 B	111ms 111ms	Image image/gif	3.94.223.166
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Server 3.94.223.166 -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers DCS dcs-prod-va6-1-v044-040e48efa.edge-va6.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID vYj1++wFRJI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-va6-1-v044-08a182b63.edge-va6.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID k1NN3pnsSiw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=60026386-522e-4100-af11-951a557f9d58 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	/ pixel.mathtag.com/sync/img/ Frame 3C3F Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=60026386-522e-4100-af11-951a557f9d58 https://d.agkn.com/pixel/10751/?che=1669747249410&ip=185.213.155.169&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=	43 B 404 B	18ms 18ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid= Protocol HTTP/1.1 Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x34 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:49 GMT Server MT3 169 32252b7 master cdg-pixel-x34 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:48 GMT Redirect headers Pragma no-cache Date Tue, 29 Nov 2022 18:40:49 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid= Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200	9.gif id5-sync.com/s/3/ Frame 3C3F	43 B 1 KB	33ms 9ms	Image image/gif	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/3/9.gif?puid=60026386-522e-4100-af11-951a557f9d58 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Tue, 29 Nov 2022 18:40:48 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 3C3F	43 B 971 B	20ms 20ms	Image image/gif	88.221.168.207 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mop_seq=30:30&mt_cb=648665&check=60026386-522e-4100-af11-951a557f9d58&mop_top=9:1669745785|4:1669745785|13:1669745785|3:1669745785|5:1669745785|276:1669745785|15:1669745785|21:1669745785|10010:1669745785|46:1669745785|10017:1669745785|10074:1669745785|10072:1669745785|42:1669745785|44:1669745785|17:1669745785|39:1669745785|10041:1669745785|30:1669745785|10092:1669745785|10008:1669745785|26:1669745785|50:1669745785|10025:1669745785|10031:1669745785|36:1669745785|10040:1669745785|10004:1669745785|10009:1669745785|10089:1669745785| Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-207.deploy.static.akamaitechnologies.com Software MT3 169 32252b7 master cdg-pixel-x32 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://pixel.mathtag.com/sync/iframe?mt_uuid=60026386-522e-4100-af11-951a557f9d58&no_iframe=1&mt_adid=248753&source=mathtag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 18:40:49 GMT Server MT3 169 32252b7 master cdg-pixel-x32 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires Tue, 29 Nov 2022 18:40:48 GMT