testadvertiser002.com Open in urlscan Pro
213.186.33.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://testadvertiser002.com/
Submission: On October 20 via api (October 20th 2022, 5:44:30 am UTC) from US — Scanned from FR

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 29 domains to perform 33 HTTP transactions. The main IP is 213.186.33.17, located in France and belongs to OVH, FR. The main domain is testadvertiser002.com.

This is the only time testadvertiser002.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	213.186.33.17 213.186.33.17	16276 (OVH) (OVH)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	3.124.0.46 3.124.0.46	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.212.100.153 52.212.100.153	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.158.247.186 18.158.247.186	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.65.142.183 3.65.142.183	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.11.239.181 23.11.239.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	34.242.116.160 34.242.116.160	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:612... 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c	14618 (AMAZON-AES) (AMAZON-AES)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.80.140.177 99.80.140.177	16509 (AMAZON-02) (AMAZON-02)
1	18.202.59.106 18.202.59.106	16509 (AMAZON-02) (AMAZON-02)
1	18.219.150.27 18.219.150.27	16509 (AMAZON-02) (AMAZON-02)
33	29

3 213.186.33.17 (France)

ASN16276 (OVH, FR)
PTR: cluster006.ovh.net

testadvertiser002.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.0.46 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-0-46.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.100.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.247.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-247-186.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.142.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-183.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.11.239.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.116.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-116-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.140.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-140-177.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.59.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-59-106.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.219.150.27 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-150-27.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 dis.criteo.com — Cisco Umbrella Rank: 679	13 KB
3	testadvertiser002.com testadvertiser002.com	3 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	852 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 215	881 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1506	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4441	360 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2159	183 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2682	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1104	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1496	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 373	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1296	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	883 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	785 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	14 KB
33	29

	Domain	Requested by
5	gum.criteo.com	4 redirects static.criteo.net
3	testadvertiser002.com	testadvertiser002.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com
1	static.criteo.net	testadvertiser002.com
33	32

This site contains no links.

Subject Issuer	Validity	Valid
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://testadvertiser002.com/
Frame ID: 6492FCC2F23F3D8E4226CA7CCA4EA6C3
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=testadvertiser002.com&origin=onetag
Frame ID: ED80B07A8577E12BB7C59CF08894AE6A
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30
Frame ID: 914480344A83330FD7E45EB0BCF51FC9
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

advertiser002

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

33
Requests

58 %
HTTPS

10 %
IPv6

29
Domains

32
Subdomains

29
IPs

8
Countries

37 kB
Transfer

69 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://gum.criteo.com/sid/json?origin=onetag&domain=testadvertiser002.com&sn=ChromeSyncframe&so=0&topUrl=testadvertiser002.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mGX4C3x1aENzMC9DbjZFQ3BvSUdwTVJ5QzVHZFpWZFEySEVVOEFyZjlTU2hNTTcreTAzZW1JdWNPUnllS01FQzZibW9UbHhwWGVNcndBRXJCblFMR2FqQ0M1S0VBNmNzM0pINERJcHpLUUZGSW1RcnVwNGxIelc3blFCZ3RvU3B5RGwxRDFmSW1EazEyUWg5NEp1VW9SMmoxbzF4MlJoNU9wcTV4Tklvb1NVa3U3alRtUzR6M1pMUUZvVjhmbWJHMVltNTBVdU9QNjZ2WXVuam9EcGxnL3VsT3E3M1FNRXliYlRaeXdUNC9WY0gvbEhoRnVhOGpXOHVJRkZ3S1JDU1RLZGhyVWxybUp4cnRJUXVKcHVoZisxOHFiN3ZqNlJqWEg3azFnajJXcjJFUzlCTT18&cppv=2

Request Chain 6

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30

Request Chain 7

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_cm&google_hm=ay12QUxJa19TdHJqMk1aUFJCeGhuZWRYQjZrcnM5VFA1UUxqb2FMUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_cm=&google_hm=ay12QUxJa19TdHJqMk1aUFJCeGhuZWRYQjZrcnM5VFA1UUxqb2FMUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_error=15

Request Chain 8

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7265484713487815321

Request Chain 9

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg&C=1

Request Chain 10

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A

Request Chain 21

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w&verify=true

Request Chain 24

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje

Request Chain 30

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wrVwl0Dc-WNEsda5xvORfon0vD2zjYsf

Request Chain 31

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=b-LTOaU8ZNz76Eqe5DeNI-R4nX9ia7Rq

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
testadvertiser002.com/ 1 KB
1 KB 91ms
41ms Document
text/html 213.186.33.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://testadvertiser002.com/
Protocol: HTTP/1.1
Server: 213.186.33.17 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster006.ovh.net
Software: Apache / PHP/5.6
Resource Hash: 820972ca42ab0089fbf0babfc1a388c96770e6581eb28fd4e5f570a2e84e40fa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 05:44:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
transfer-encoding: chunked
vary: Accept-Encoding
x-iplb-instance: 31521
x-iplb-request-id: B22190B2:94DE_D5BA2111:0050_6350E039_49AD:2A36B
x-powered-by: PHP/5.6

GET
H/1.1 200
OK style.php
testadvertiser002.com/ 915 B
749 B 22ms
22ms Stylesheet
text/css 213.186.33.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://testadvertiser002.com/style.php
Requested by: Host: testadvertiser002.com
URL: http://testadvertiser002.com/
Protocol: HTTP/1.1
Server: 213.186.33.17 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster006.ovh.net
Software: Apache / PHP/5.6
Resource Hash: 3b4ea6ffcecb10ca443fd3ab2ec667c9efc6968639e476bb51223e31423a0aa6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://testadvertiser002.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:25 GMT
content-encoding: gzip
server: Apache
x-iplb-request-id: B22190B2:94DE_D5BA2111:0050_6350E039_49AF:2A36B
x-powered-by: PHP/5.6
x-iplb-instance: 31521
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=900
expires: Thu, 20 Oct 2022 05:59:25 GMT

GET
H/1.1 200
OK logo.php
testadvertiser002.com/ 457 B
846 B 40ms
26ms Image
image/png 213.186.33.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://testadvertiser002.com/logo.php
Requested by: Host: testadvertiser002.com
URL: http://testadvertiser002.com/
Protocol: HTTP/1.1
Server: 213.186.33.17 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster006.ovh.net
Software: Apache / PHP/5.6
Resource Hash: fa921061d77aae0f4c32892d507f08edea666b08ddc67ede51b75d5706b4bf75

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://testadvertiser002.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:25 GMT
server: Apache
x-iplb-request-id: B22190B2:94E8_D5BA2111:0050_6350E039_12D1:24511
x-powered-by: PHP/5.6
x-iplb-instance: 31558
transfer-encoding: chunked
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 43ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

http://static.criteo.net/js/ld/ld.js

Requested by

Host: testadvertiser002.com
URL: http://testadvertiser002.com/

Protocol

HTTP/1.1

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://testadvertiser002.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Oct 2022 05:44:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ED80 15 KB
6 KB 345ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=testadvertiser002.com&origin=onetag

Requested by

Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://testadvertiser002.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 05:44:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 763866
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame ED80
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=testadvertiser002.com&sn=ChromeSyncframe&so=0&topUrl=testadvertiser002.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=mGX4C3x1aENzMC9DbjZFQ3BvSUdwTVJ5QzVHZFpWZFEySEVVOEFyZjlTU2hNTTcreTAzZW1JdWNPUnllS01FQzZibW9UbHhwWGVNcndBRXJCblFMR2FqQ0M1S0VBNmNzM0pINERJcHpLUUZGSW1RcnVwNGxIelc3blFCZ3...

478 B
697 B

366ms
24ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mGX4C3x1aENzMC9DbjZFQ3BvSUdwTVJ5QzVHZFpWZFEySEVVOEFyZjlTU2hNTTcreTAzZW1JdWNPUnllS01FQzZibW9UbHhwWGVNcndBRXJCblFMR2FqQ0M1S0VBNmNzM0pINERJcHpLUUZGSW1RcnVwNGxIelc3blFCZ3RvU3B5RGwxRDFmSW1EazEyUWg5NEp1VW9SMmoxbzF4MlJoNU9wcTV4Tklvb1NVa3U3alRtUzR6M1pMUUZvVjhmbWJHMVltNTBVdU9QNjZ2WXVuam9EcGxnL3VsT3E3M1FNRXliYlRaeXdUNC9WY0gvbEhoRnVhOGpXOHVJRkZ3S1JDU1RLZGhyVWxybUp4cnRJUXVKcHVoZisxOHFiN3ZqNlJqWEg3azFnajJXcjJFUzlCTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e16a3820d5af98f42c91e29a124586ad60e179f591c1f943256ab6af7918c722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2475729
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mGX4C3x1aENzMC9DbjZFQ3BvSUdwTVJ5QzVHZFpWZFEySEVVOEFyZjlTU2hNTTcreTAzZW1JdWNPUnllS01FQzZibW9UbHhwWGVNcndBRXJCblFMR2FqQ0M1S0VBNmNzM0pINERJcHpLUUZGSW1RcnVwNGxIelc3blFCZ3RvU3B5RGwxRDFmSW1EazEyUWg5NEp1VW9SMmoxbzF4MlJoNU9wcTV4Tklvb1NVa3U3alRtUzR6M1pMUUZvVjhmbWJHMVltNTBVdU9QNjZ2WXVuam9EcGxnL3VsT3E3M1FNRXliYlRaeXdUNC9WY0gvbEhoRnVhOGpXOHVJRkZ3S1JDU1RLZGhyVWxybUp4cnRJUXVKcHVoZisxOHFiN3ZqNlJqWEg3azFnajJXcjJFUzlCTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 540568
content-length: 0
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 112ms
50ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=5851&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=9n_wzl8lMkYxNCUyQk1DJTJCJTJCRU1JbTBTdTlZaTFQSjdIbURWNDl5S0tscHFlVlFzS0s3QXhmWnhNZE5YJTJGcmRDV1dVNnVqTTJSUVNQb1U0c0syRkducHpVdlA2SFd4RWFKJTJGZjJuMWRUOHFWJTJCVkZETEo0cmV3SnRmUVMlMkJsb2w1enFJaFRHZlBnTm42MjRNbnQ4aElVQnVQdG5vekZ3dkVObndnTDFXaVU0bFJUR1dHU29mRlZJJTNE&tld=testadvertiser002.com&fu=http%253A%252F%252Ftestadvertiser002.com%252F&dtycbr=54663

Requested by

Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

63e5199123854bab71cce8ba286ba527a638d3fd6f7b9263cbad1b8986ceb7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://testadvertiser002.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 24322498
timing-allow-origin: *
expires: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 9144
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30

43 B
495 B

26ms
25ms

Image
image/gif

3.124.0.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30
Protocol: HTTP/1.1
Server: 3.124.0.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-0-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 05:44:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kgnEA_Strj2MZPRBxhnedXB6krvGP9-OT7cuig&expires=30
Date: Thu, 20 Oct 2022 05:44:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9144
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_cm&google_hm=ay12QUxJa19TdHJqMk1aUFJCeGhuZWRYQjZrcnM5VFA1U...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_cm=&google_hm=ay12QUxJa19TdHJqMk1aUFJCeGhuZWRYQjZrcnM5VFA...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_error=15

43 B
369 B

26ms
26ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_error=15

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261200
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vALIk_Strj2MZPRBxhnedXB6krs9TP5QLjoaLQ&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9144
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7265484713487815321

43 B
370 B

31ms
30ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7265484713487815321

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1862109
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 05:44:26 GMT
AN-X-Request-Uuid: d0969d06-9289-4ec1-ae3d-eec8dd411527
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7265484713487815321
Connection: keep-alive
X-Proxy-Origin: 178.33.144.178; 178.33.144.178; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 9144
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg&C=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 05:44:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 05:44:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-wlB6I_Strj2MZPRBxhnedXB6krtA-Gacaiaoxg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 9144
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A

43 B
445 B

32ms
31ms

Image
image/gif

52.212.100.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A
Protocol: H2
Server: 52.212.100.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Oct 2022 05:44:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-lIU2M_Strj2MZPRBxhnedXB6krsth6AcL6ES1A
date: Thu, 20 Oct 2022 05:44:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9144 45 B
785 B 162ms
84ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-SgpYCvStrj2MZPRBxhnedXB6krt1Iure-1r9nQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 05:44:26 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 20 Oct 2022 05:44:26 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 9144 0
883 B 92ms
27ms Image
text/html 18.158.247.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ZSxh0_Strj2MZPRBxhnedXB6krvmVdjnER60lA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.247.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-247-186.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 9144 0
145 B 508ms
99ms Image
text/plain 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MKaiQPStrj2MZPRBxhnedXB6krtK9Rzt5gMOqw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 05:44:27 GMT
Cache-Control: no-cache
X-TraceId: 526b1ff8ed50e3234683e26d59370301
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9144 0
225 B 273ms
16ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-py_FOPStrj2MZPRBxhnedXB6kruh1LqljGS6mQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9144 0
239 B 122ms
27ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uL-anvStrj2MZPRBxhnedXB6krvcvSaL5ZF37Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 9144 0
35 B 114ms
25ms Image
text/plain 3.65.142.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-wVZfvPStrj2MZPRBxhnedXB6krsosk1qnanJww
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.142.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-142-183.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9144 43 B
688 B 176ms
21ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MDp30_Strj2MZPRBxhnedXB6krt2DrB5HodVKQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9144 0
99 B 258ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k--7Vya_Strj2MZPRBxhnedXB6krtTSh8SD0TWNA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20785

GET
H2 200 um
criteo-sync.teads.tv/ Frame 9144 23 B
172 B 161ms
54ms Image
image/gif 23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-rt6kE_Strj2MZPRBxhnedXB6krtgUk3BGNHmZw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 20 Oct 2022 05:44:26 GMT
pragma: no-cache
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 9144 37 B
140 B 134ms
46ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-9pzgP_Strj2MZPRBxhnedXB6krsunYxjpSIK9w&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 9144
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w&verify=true

0
121 B

28ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ilWv2_Strj2MZPRBxhnedXB6krv7l7OBpOmg3w&verify=true
date: Thu, 20 Oct 2022 05:44:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 9144 43 B
162 B 156ms
40ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-SYKQIvStrj2MZPRBxhnedXB6krvP2OXvKPP1kA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 9144 49 B
235 B 68ms
22ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jVcpG_Strj2MZPRBxhnedXB6kruTJEXdMWbLUg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:26 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9144
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje

42 B
942 B

30ms
30ms

Image
image/gif

34.242.116.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje

Protocol

HTTP/1.1

Server

34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-116-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0055adaf6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nsgX0JjeR3w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-04882231d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2Y9ipNB6R+M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hEDsLUG_FxDwWmIyCYzE9ffe3xBQ9Qje
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 9144 43 B
1 KB 84ms
24ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-F9BqQPStrj2MZPRBxhnedXB6krs-8_P64iKr6A

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 20 Oct 2022 05:44:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 9144 42 B
274 B 76ms
26ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-SjmLsPStrj2MZPRBxhnedXB6krvPlpzBpGiM2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:44:26 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 9144 43 B
183 B 294ms
91ms Image
image/gif 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-KC9iHfStrj2MZPRBxhnedXB6kru6HWp4xQbUQg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 20 Oct 2022 05:44:27 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9144 0
360 B 129ms
53ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-ihs35vStrj2MZPRBxhnedXB6krsx66yVkiCapQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 05:44:27 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 19 Oct 2022 05:44:26 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9144 43 B
220 B 129ms
29ms Image
image/gif 99.80.140.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-VhcqHvStrj2MZPRBxhnedXB6krvGUtXwo4ubwA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.140.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-140-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Oct 2022 05:44:27 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9144
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wrVwl0Dc-WNEsda5xvORfon0vD2zjYsf

0
338 B

135ms
30ms

Image
text/plain

18.202.59.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wrVwl0Dc-WNEsda5xvORfon0vD2zjYsf
Protocol: H2
Server: 18.202.59.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-59-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1666244666
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wrVwl0Dc-WNEsda5xvORfon0vD2zjYsf
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1235237
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 9144
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=b-LTOaU8ZNz76Eqe5DeNI-R4nX9ia7Rq

35 B
268 B

363ms
111ms

Image
image/gif

18.219.150.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=b-LTOaU8ZNz76Eqe5DeNI-R4nX9ia7Rq
Protocol: H2
Server: 18.219.150.27 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-150-27.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 05:44:27 GMT
x-bt-requestid: 428ac7b0-503a-11ed-a603-0000ac1700b3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=b-LTOaU8ZNz76Eqe5DeNI-R4nX9ia7Rq
date: Thu, 20 Oct 2022 05:44:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1058692
content-length: 0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
testadvertiser002.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09cd75b49847662f3dc99f13a0a39e96
.criteo.com/	1970-01-20 16:12:20	Name: uid Value: 75f9e911-6078-431e-933b-aa587dd4732a
.testadvertiser002.com/	1970-01-20 16:20:08	Name: cto_bundle Value: 9n_wzl8lMkYxNCUyQk1DJTJCJTJCRU1JbTBTdTlZaTFQSjdIbURWNDl5S0tscHFlVlFzS0s3QXhmWnhNZE5YJTJGcmRDV1dVNnVqTTJSUVNQb1U0c0syRkducHpVdlA2SFd4RWFKJTJGZjJuMWRUOHFWJTJCVkZETEo0cmV3SnRmUVMlMkJsb2w1enFJaFRHZlBnTm42MjRNbnQ4aElVQnVQdG5vekZ3dkVObndnTDFXaVU0bFJUR1dHU29mRlZJJTNE
.adnxs.com/	1970-01-20 09:00:20	Name: uuid2 Value: 7265484713487815321
exchange.mediavine.com/	1970-01-20 07:10:54	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224229e300-503a-11ed-a792-5b88c6d0a89c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:10:54	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224229e300-503a-11ed-a792-5b88c6d0a89c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:10:54	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224229e300-503a-11ed-a792-5b88c6d0a89c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:10:54	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224229e300-503a-11ed-a792-5b88c6d0a89c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:10:54	Name: criteo Value: %7B%22id%22%3A%22k-ZSxh0_Strj2MZPRBxhnedXB6krvmVdjnER60lA%22%2C%22version%22%3A%22criteo%22%7D
.doubleclick.net/	1970-01-20 06:50:45	Name: test_cookie Value: CheckForPermission
.360yield.com/	1970-01-20 09:00:20	Name: tuuid Value: 7b441372-a61b-470e-ae2c-88e13a37b792
.360yield.com/	1970-01-20 09:00:20	Name: tuuid_lu Value: 1666244666
.bidswitch.net/	1970-01-20 15:36:20	Name: tuuid Value: 1103d333-4851-4df3-bc4a-68a4ddd3d746
.bidswitch.net/	1970-01-20 15:36:20	Name: c Value: 1666244666
.bidswitch.net/	1970-01-20 15:36:20	Name: tuuid_lu Value: 1666244666
.casalemedia.com/	1970-01-20 15:36:20	Name: CMID Value: Y1DgOvhgHXKNmTMUJ8Hj4AAA
.casalemedia.com/	1970-01-20 09:00:20	Name: CMPS Value: 1184
.casalemedia.com/	1970-01-20 09:00:20	Name: CMPRO Value: 1184
.media.net/	1970-01-20 15:36:20	Name: visitor-id Value: 3092462664417897000V10
.media.net/	1970-01-20 07:33:56	Name: data-c-ts Value: 1666244666
.media.net/	1970-01-20 07:33:56	Name: data-c Value: k-SgpYCvStrj2MZPRBxhnedXB6krt1Iure-1r9nQ~~3
.360yield.com/	1970-01-20 09:00:20	Name: um Value: !38,78Uzdt7eIdaV1W.lR3m3Mi52ascpfZrb3liH.j4CeIOBj2OQxp7wS533qaKocUTF1n5--ELe,1674020666
.360yield.com/	1970-01-20 09:00:20	Name: umeh Value: !38,0,1728452666,-1
.demdex.net/	1970-01-20 11:09:56	Name: demdex Value: 66150793517109937341215637505096588110
.dpm.demdex.net/	1970-01-20 11:09:56	Name: dpm Value: 66150793517109937341215637505096588110
.yahoo.com/	1970-01-20 15:36:42	Name: A3 Value: d=AQABBDrgUGMCENz5977D5ZOIrkwUqPX1TiUFEgEBAQExUmNaYwAAAAAA_eMAAA&S=AQAAAuaWVPpks4WkMu1OdZIYioE
.id5-sync.com/	1970-01-20 06:50:44	Name: cf Value:
.id5-sync.com/	1970-01-20 06:50:44	Name: cip Value:
.id5-sync.com/	1970-01-20 06:50:44	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:50:44	Name: car Value:
.id5-sync.com/	1970-01-20 06:50:44	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:50:44	Name: callback Value:
.smartadserver.com/	1970-01-20 16:20:59	Name: pid Value: 1108788001598322789
.smartadserver.com/	1970-01-20 16:20:59	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:36:20	Name: csync Value: 79:k-MDp30_Strj2MZPRBxhnedXB6krt2DrB5HodVKQ
.analytics.yahoo.com/	1970-01-20 15:36:20	Name: IDSYNC Value: 18zh~27th
.krxd.net/	1970-01-20 11:09:56	Name: _kuid_ Value: PJg3q7ew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
testadvertiser002.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
x.bidswitch.net
13.248.245.213
141.226.228.48
141.95.98.65
142.250.184.194
178.250.2.146
178.250.2.151
18.156.0.31
18.158.247.186
18.202.59.106
18.219.150.27
185.255.84.152
185.64.190.80
185.80.39.216
185.86.139.114
185.89.210.90
2.18.235.93
213.186.33.17
23.11.239.181
2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c
2a02:2638:1::3
2a02:2638::1c
3.124.0.46
3.65.142.183
34.117.157.22
34.242.116.160
37.157.4.28
52.212.100.153
69.173.144.139
70.42.32.159
96.16.132.239
99.80.140.177
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b4ea6ffcecb10ca443fd3ab2ec667c9efc6968639e476bb51223e31423a0aa6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
63e5199123854bab71cce8ba286ba527a638d3fd6f7b9263cbad1b8986ceb7d0
820972ca42ab0089fbf0babfc1a388c96770e6581eb28fd4e5f570a2e84e40fa
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e16a3820d5af98f42c91e29a124586ad60e179f591c1f943256ab6af7918c722
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa921061d77aae0f4c32892d507f08edea666b08ddc67ede51b75d5706b4bf75

testadvertiser002.com Open in urlscan Pro 213.186.33.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

58 %HTTPS

10 %IPv6

29 Domains

32 Subdomains

29 IPs

8 Countries

37 kBTransfer

69 kBSize

37 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

testadvertiser002.com Open in urlscan Pro
213.186.33.17 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

58 %
HTTPS

10 %
IPv6

29
Domains

32
Subdomains

29
IPs

8
Countries

37 kB
Transfer

69 kB
Size

37
Cookies

33 HTTP transactions
0 data transactions