www.picuki.com Open in urlscan Pro
172.67.68.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.picuki.com/profile/rudy_israel
Submission: On June 08 via manual (June 8th 2023, 7:40:24 am UTC) from ZA — Scanned from DE

Summary HTTP 752 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 158 IPs in 16 countries across 133 domains to perform 752 HTTP transactions. The main IP is 172.67.68.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.picuki.com. The Cisco Umbrella rank of the primary domain is 186359.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.

This is the only time www.picuki.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	172.67.68.160 172.67.68.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.88.82 99.84.88.82	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:4615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:a000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.57.54.7 52.57.54.7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223d:ce00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2600:9000:225... 2600:9000:225b:e800:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
5 11	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2	172.67.68.162 172.67.68.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9 11	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	3.73.198.78 3.73.198.78	16509 (AMAZON-02) (AMAZON-02)
11 15	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
2 13	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
3	18.156.109.169 18.156.109.169	16509 (AMAZON-02) (AMAZON-02)
11	5.196.111.65 5.196.111.65	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	54.217.89.185 54.217.89.185	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	161.35.253.218 161.35.253.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:20:... 2606:4700:20::681a:e7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700:20:... 2606:4700:20::681a:744	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
14	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 5	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a398	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.112 18.66.97.112	16509 (AMAZON-02) (AMAZON-02)
2 5	18.194.199.66 18.194.199.66	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
11	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
8 9	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	137.184.242.150 137.184.242.150	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	69.166.1.14 69.166.1.14	27630 (AS-XFERNET) (AS-XFERNET)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a06:8640:799... 2a06:8640:799:0:ec4:7aff:fe6e:a48e	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
19 20	3.124.103.237 3.124.103.237	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:333	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.192.107 18.66.192.107	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.32 18.66.112.32	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.81 108.138.36.81	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.2 108.138.36.2	16509 (AMAZON-02) (AMAZON-02)
9	34.205.5.140 34.205.5.140	14618 (AMAZON-AES) (AMAZON-AES)
1	52.58.4.68 52.58.4.68	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2 34	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::57	26667 (RUBICONPR...) (RUBICONPROJECT)
4	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
4 4	8.2.110.24 8.2.110.24	46636 (NATCOWEB) (NATCOWEB)
4	193.3.178.2 193.3.178.2	399668 (E-PLANNING-) (E-PLANNING-)
4 4	3.93.228.142 3.93.228.142	14618 (AMAZON-AES) (AMAZON-AES)
6	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1 5	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	3.217.213.80 3.217.213.80	14618 (AMAZON-AES) (AMAZON-AES)
8 8	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
22	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
4 29	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
39	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 22	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2.17.187.27 2.17.187.27	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.51.107.69 52.51.107.69	16509 (AMAZON-02) (AMAZON-02)
17	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 8	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
2	2600:1f16:e61... 2600:1f16:e61:3f02:8513:7dd7:332b:6625	16509 (AMAZON-02) (AMAZON-02)
2 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a05:d018:24:... 2a05:d018:24:b001:3bf0:9c53:4cdb:1436	16509 (AMAZON-02) (AMAZON-02)
4 4	52.31.88.82 52.31.88.82	16509 (AMAZON-02) (AMAZON-02)
2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
2 2	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 5	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
4	52.211.158.177 52.211.158.177	16509 (AMAZON-02) (AMAZON-02)
2	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
9 13	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	23.52.122.195 23.52.122.195	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.171.239.119 35.171.239.119	14618 (AMAZON-AES) (AMAZON-AES)
5 10	67.220.226.238 67.220.226.238	16509 (AMAZON-02) (AMAZON-02)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.31.201.132 52.31.201.132	16509 (AMAZON-02) (AMAZON-02)
5 10	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
11	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4 8	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 10	2a05:d018:d29... 2a05:d018:d29:3602:51a:42ee:38f7:77d0	16509 (AMAZON-02) (AMAZON-02)
5 8	54.228.73.172 54.228.73.172	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	54.228.185.250 54.228.185.250	16509 (AMAZON-02) (AMAZON-02)
2	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a0c:5c81:514... 2a0c:5c81:5145::2	55081 (24SHELLS) (24SHELLS)
2 24	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2	2a0c:5c81:512... 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72	55081 (24SHELLS) (24SHELLS)
2 2	35.157.14.121 35.157.14.121	16509 (AMAZON-02) (AMAZON-02)
4 60	52.210.15.1 52.210.15.1	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
5 5	54.211.72.252 54.211.72.252	14618 (AMAZON-AES) (AMAZON-AES)
4 4	50.31.142.63 50.31.142.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5 5	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
8 14	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
4 4	50.16.251.137 50.16.251.137	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2603:c020:400... 2603:c020:400d:3000:b5b3:7157:5b47:80e4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
9 9	54.77.159.209 54.77.159.209	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.24.77.72 184.24.77.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 6	74.121.143.240 74.121.143.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2606:4700:10:... 2606:4700:10::ac43:2954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	80.77.87.128 80.77.87.128	46636 (NATCOWEB) (NATCOWEB)
1	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.214.36.213 52.214.36.213	16509 (AMAZON-02) (AMAZON-02)
1	8.2.109.53 8.2.109.53	46636 (NATCOWEB) (NATCOWEB)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3035::6815:23e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
4	8.2.111.13 8.2.111.13	46636 (NATCOWEB) (NATCOWEB)
4 4	202.241.208.54 202.241.208.54	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
14	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
8	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	141.95.172.216 141.95.172.216	16276 (OVH) (OVH)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1 2	52.48.144.60 52.48.144.60	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.214.181.34 35.214.181.34	15169 (GOOGLE) (GOOGLE)
1 1	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.84.97.211 54.84.97.211	14618 (AMAZON-AES) (AMAZON-AES)
3	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	34.248.236.176 34.248.236.176	16509 (AMAZON-02) (AMAZON-02)
1 1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
5	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	23.212.89.151 23.212.89.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.64.110.9 3.64.110.9	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	99.83.181.31 99.83.181.31	() ()
752	158

47 172.67.68.160 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.picuki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.picuki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pubfuture-ad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-82.muc50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)

ip2geo.pubfuture-ad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pubfuture-ad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.54.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-54-7.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:ce00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:225b:e800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.254 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.184.8.90 (Amsterdam, Netherlands) 9 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.73.198.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.173.215 (Frankfurt am Main, Germany) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.109.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-109-169.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.89.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-89-185.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e7e (United States)

ASN13335 (CLOUDFLARENET, US)

s3.pubfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::681a:744 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:1b::1724:a398 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-112.fra56.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.199.66 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-199-66.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.123 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebidserver.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:8640:799:0:ec4:7aff:fe6e:a48e (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 3.124.103.237 (Frankfurt am Main, Germany) 19 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-103-237.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:333 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prplads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-107.muc50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-81.muc50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-2.muc50.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.205.5.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-5-140.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.4.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-4-68.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 193.3.178.3 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.2.110.24 (United States) 4 redirects

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.93.228.142 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-228-142.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.217.213.80 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-213-80.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.56.202.187 (Frankfurt am Main, Germany) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.234.175.175 (Cantonment, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.181.226 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.187.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-187-27.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.107.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-107-69.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.113.62 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.29 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f16:e61:3f02:8513:7dd7:332b:6625 (Columbus, United States)

ASN16509 (AMAZON-02, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:3bf0:9c53:4cdb:1436 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.88.82 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-88-82.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.1.205.165 (Rogeno, Italy) 2 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Bad Durrheim, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.131.239 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.182 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.158.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-158-177.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.2.49 (United States) 9 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.122.195 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-122-195.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.239.119 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-239-119.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 67.220.226.238 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.201.132 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-201-132.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.46.143.56 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a05:d018:d29:3602:51a:42ee:38f7:77d0 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.228.73.172 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-73-172.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.185.250 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-185-250.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5145::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.227.139.243 (Piscataway, United States) 2 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.14.121 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-14-121.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 52.210.15.1 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.211.72.252 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-252.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.31.142.63 (Itasca, United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.93.169.131 (United States) 5 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 64.202.112.31 (Chicago, United States) 8 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.251.137 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-251-137.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States) 4 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.77.159.209 (Dublin, Ireland) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-159-209.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-72.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.121.143.240 (United States) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.128 (Clifton, United States)

ASN46636 (NATCOWEB, US)

prebid.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1h-euc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.36.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-36-213.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.109.53 (United States)

ASN46636 (NATCOWEB, US)

explorads-prebid.smart-hub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:23e9 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)

cs.iqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.241.208.54 (Japan) 4 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.172.216 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-4.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.144.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-144-60.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.181.34 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 34.181.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.84.97.211 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-97-211.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.236.176 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-236-176.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.89.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-151.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (Amsterdam, Netherlands) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.214 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.110.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-110-9.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.181.31 (None, )

ASN- ()

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signal-metrics-collector-beta.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	gumgum.com 4 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1585 usersync.gumgum.com — Cisco Umbrella Rank: 1913	21 KB
53	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545 ads.pubmatic.com — Cisco Umbrella Rank: 541 image6.pubmatic.com — Cisco Umbrella Rank: 786 simage2.pubmatic.com — Cisco Umbrella Rank: 730 image2.pubmatic.com — Cisco Umbrella Rank: 971 image4.pubmatic.com — Cisco Umbrella Rank: 1167 simage4.pubmatic.com — Cisco Umbrella Rank: 1325	122 KB
49	rubiconproject.com 17 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 526 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 983 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9446 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1112 eus.rubiconproject.com — Cisco Umbrella Rank: 627 pixel.rubiconproject.com — Cisco Umbrella Rank: 375 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2358 token.rubiconproject.com — Cisco Umbrella Rank: 636	132 KB
47	picuki.com 1 redirects www.picuki.com — Cisco Umbrella Rank: 186359 cdn1.picuki.com — Cisco Umbrella Rank: 207904	2 MB
42	e-planning.net 2 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 4231 u-ams03.e-planning.net — Cisco Umbrella Rank: 42490 s.e-planning.net — Cisco Umbrella Rank: 8506 i.e-planning.net — Cisco Umbrella Rank: 7542 sync.e-planning.net — Cisco Umbrella Rank: 5725	14 KB
39	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3635 mwzeom.zeotap.com — Cisco Umbrella Rank: 3167	13 KB
36	pixfuture.com served-by.pixfuture.com — Cisco Umbrella Rank: 44957 cdn.pixfuture.com — Cisco Umbrella Rank: 49170 prebidserver.pixfuture.com — Cisco Umbrella Rank: 50152	3 MB
32	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 248 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 362	229 KB
29	casalemedia.com 4 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1360 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 490 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612 dsum.casalemedia.com — Cisco Umbrella Rank: 1549	25 KB
26	googlesyndication.com b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154 ade.googlesyndication.com — Cisco Umbrella Rank: 315	148 KB
24	adnxs.com 19 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 472	23 KB
22	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 605 ib.3lift.com — Cisco Umbrella Rank: 1580 eb2.3lift.com — Cisco Umbrella Rank: 406 img.3lift.com — Cisco Umbrella Rank: 2882	85 KB
20	bidswitch.net 19 redirects x.bidswitch.net — Cisco Umbrella Rank: 356	5 KB
19	adform.net 10 redirects adx.adform.net — Cisco Umbrella Rank: 4174 cm.adform.net — Cisco Umbrella Rank: 1230 dmp.adform.net — Cisco Umbrella Rank: 3324 c1.adform.net — Cisco Umbrella Rank: 626	6 KB
18	amazon-adsystem.com 9 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1023 s.amazon-adsystem.com — Cisco Umbrella Rank: 335	13 KB
18	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6444 sync.adtelligent.com — Cisco Umbrella Rank: 5684 s.adtelligent.com — Cisco Umbrella Rank: 10914	10 KB
18	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1553 ssbsync.smartadserver.com — Cisco Umbrella Rank: 861 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614	7 KB
16	yahoo.com 11 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1254 ups.analytics.yahoo.com — Cisco Umbrella Rank: 334 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454	8 KB
16	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1359 google-bidout-d.openx.net — Cisco Umbrella Rank: 1367 pixfuture2-d.openx.net — Cisco Umbrella Rank: 58998 rtb.openx.net — Cisco Umbrella Rank: 1149 u.openx.net — Cisco Umbrella Rank: 723 us-u.openx.net — Cisco Umbrella Rank: 491	2 KB
13	everesttech.net 9 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 748	3 KB
13	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 834	985 B
12	outbrain.com 8 redirects sync.outbrain.com — Cisco Umbrella Rank: 734	4 KB
12	creativecdn.com 9 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 1396 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6786 creativecdn.com — Cisco Umbrella Rank: 492	6 KB
12	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4850 buttons-config.sharethis.com — Cisco Umbrella Rank: 5577 l.sharethis.com — Cisco Umbrella Rank: 4885 platform-cdn.sharethis.com — Cisco Umbrella Rank: 11099	55 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	283 KB
11	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	3 KB
11	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413 bidder.criteo.com — Cisco Umbrella Rank: 742 mug.criteo.com — Cisco Umbrella Rank: 2161 dis.criteo.com — Cisco Umbrella Rank: 602	9 KB
10	adtarget.com.tr 2 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 25924 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 24935	6 KB
10	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1222	2 KB
9	360yield.com 9 redirects ad.360yield.com — Cisco Umbrella Rank: 670	3 KB
9	admanmedia.com 4 redirects sync.admanmedia.com — Cisco Umbrella Rank: 6528 prebid.admanmedia.com — Cisco Umbrella Rank: 41226 cs.admanmedia.com — Cisco Umbrella Rank: 1134	3 KB
9	purpleads.io api.purpleads.io — Cisco Umbrella Rank: 40852	4 KB
8	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 588	4 KB
8	mathtag.com 8 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1153 sync.mathtag.com — Cisco Umbrella Rank: 548	5 KB
8	tapad.com 6 redirects pixel.tapad.com — Cisco Umbrella Rank: 511	3 KB
8	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2141 sync.go.sonobi.com — Cisco Umbrella Rank: 1072	8 KB
7	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4290 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5636 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5892 signal-segments.s-onetag.com — Cisco Umbrella Rank: 10041 connect-metrics-collector.s-onetag.com signal-metrics-collector-beta.s-onetag.com	18 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	575 KB
6	krxd.net 2 redirects beacon.krxd.net — Cisco Umbrella Rank: 649 usermatch.krxd.net — Cisco Umbrella Rank: 1593	2 KB
6	weborama.fr 5 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24136 cr.frontend.weborama.fr — Cisco Umbrella Rank: 24843	2 KB
6	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 11756 user-sync.adxpremium.services — Cisco Umbrella Rank: 16484	6 KB
6	crwdcntrl.net 3 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1009 bcp.crwdcntrl.net — Cisco Umbrella Rank: 948 sync.crwdcntrl.net — Cisco Umbrella Rank: 937	13 KB
6	4dex.io script.4dex.io — Cisco Umbrella Rank: 1518 mp.4dex.io — Cisco Umbrella Rank: 2625	50 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 106	33 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422 fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 489	217 KB
5	contextweb.com 5 redirects bh.contextweb.com — Cisco Umbrella Rank: 625	3 KB
5	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 569 b1h-euc1.zemanta.com — Cisco Umbrella Rank: 26062	1 KB
5	stackadapt.com 5 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 758	3 KB
5	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3920 pixel-sync.sitescout.com — Cisco Umbrella Rank: 729	935 B
5	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 529 fid.agkn.com Failed	2 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 63	9 KB
5	pubfuture-ad.com cdn.pubfuture-ad.com — Cisco Umbrella Rank: 45273 ip2geo.pubfuture-ad.com — Cisco Umbrella Rank: 84286	6 KB
4	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2349 vpaid.vidoomy.com — Cisco Umbrella Rank: 2998 a.vidoomy.com — Cisco Umbrella Rank: 2503	20 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2767	3 KB
4	socdm.com 4 redirects tg.socdm.com — Cisco Umbrella Rank: 1076	3 KB
4	iqzone.com cs.iqzone.com — Cisco Umbrella Rank: 1757	756 B
4	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1350	768 B
4	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1156	115 B
4	technoratimedia.com 4 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1560	1 KB
4	ipredictive.com 4 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1043	2 KB
4	imrworldwide.com 4 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 14913	1 KB
4	demdex.net 4 redirects dpm.demdex.net — Cisco Umbrella Rank: 219	4 KB
4	nextmillmedia.com 4 redirects cookies.nextmillmedia.com — Cisco Umbrella Rank: 4242	783 B
4	disqus.com 4 redirects ssp.disqus.com — Cisco Umbrella Rank: 1542	1 KB
4	dotomi.com 1 redirects web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3588 casale-match.dotomi.com — Cisco Umbrella Rank: 3697 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4235	581 B
4	media.net prebid.media.net — Cisco Umbrella Rank: 1537 contextual.media.net — Cisco Umbrella Rank: 654	17 KB
4	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2329	105 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 377	6 KB
3	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2281 log.outbrainimg.com — Cisco Umbrella Rank: 2481	36 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 14305 pixel.onaudience.com — Cisco Umbrella Rank: 3331	1 KB
3	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 817	1 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 953	1 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1620	2 KB
3	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 632 sync.taboola.com — Cisco Umbrella Rank: 1077	393 B
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 724	955 B
3	1rx.io tag.1rx.io Failed sync.1rx.io — Cisco Umbrella Rank: 630	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 427 cdn.id5-sync.com — Cisco Umbrella Rank: 785	18 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57 region1.google-analytics.com — Cisco Umbrella Rank: 1892	21 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1334	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 851 s.tribalfusion.com — Cisco Umbrella Rank: 1995	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 4430	1 KB
2	spotim.market sync.spotim.market — Cisco Umbrella Rank: 2682	904 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1017	952 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5494	751 B
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 6059 cm.ctnsnet.com — Cisco Umbrella Rank: 5053	755 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5458	562 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 8995	929 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1813	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4764	1 KB
2	tynt.com ic.tynt.com — Cisco Umbrella Rank: 8639
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 33375	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 635	419 B
2	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1991	757 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1219	316 B
2	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 19898	99 B
2	bemail.it 2 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 98815	1 KB
2	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 8036	648 B
2	tidaltv.com sync.tidaltv.com — Cisco Umbrella Rank: 1802	133 B
2	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 11049	822 B
2	prplads.com cdn.prplads.com — Cisco Umbrella Rank: 65072	129 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	14 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	110 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1513	334 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 992	433 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41468	6 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	41 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	127 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 4422	465 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 7407
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1292	527 B
1	ck-ie.com 1 redirects as.ck-ie.com — Cisco Umbrella Rank: 8664	484 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 390	649 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2485	555 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 999	225 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 2881	308 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 19213	412 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 6427	277 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3439	639 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1598	283 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 940	793 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 16771	3 KB
1	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 16780	421 B
1	smart-hub.io explorads-prebid.smart-hub.io	337 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2715	777 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 629	734 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 23940	371 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4106	400 B
1	pubfuture.com s3.pubfuture.com — Cisco Umbrella Rank: 182732	21 KB
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 48268	209 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1497	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1424	2 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 45028	124 KB
0	rlcdn.com Failed api.rlcdn.com Failed
752	133

	Domain	Requested by
60	usersync.gumgum.com	4 redirects rtb.gumgum.com ads.pubmatic.com
31	mwzeom.zeotap.com	spl.zeotap.com ads.us.e-planning.net
31	www.picuki.com	1 redirects www.picuki.com ajax.googleapis.com
24	u-ams03.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com ads.pubmatic.com
22	eus.rubiconproject.com	ads.us.e-planning.net www.picuki.com cdn.pixfuture.com eus.rubiconproject.com rtb.gumgum.com
21	cm.g.doubleclick.net	13 redirects spl.zeotap.com rtb.gumgum.com eus.rubiconproject.com
20	x.bidswitch.net	19 redirects www.picuki.com
19	cdn.pixfuture.com	tagan.adlightning.com static.cloudflareinsights.com cdn.pixfuture.com www.picuki.com
18	pagead2.googlesyndication.com	tagan.adlightning.com www.picuki.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
17	ads.pubmatic.com	ads.us.e-planning.net cdn.pixfuture.com stpd.cloud rtb.gumgum.com ads.pubmatic.com s.adtelligent.com adxbid.info
16	cdn1.picuki.com	www.picuki.com
15	ib.adnxs.com	11 redirects stpd.cloud cdn.pixfuture.com spl.zeotap.com
14	simage2.pubmatic.com	ads.pubmatic.com ads.us.e-planning.net
14	sync.adtelligent.com	cdn.pixfuture.com s.console.adtarget.com.tr ads.us.e-planning.net s.adtelligent.com ads.pubmatic.com
14	eb2.3lift.com	www.picuki.com ads.us.e-planning.net stpd.cloud adxbid.info tagan.adlightning.com
13	sync-tm.everesttech.net	9 redirects spl.zeotap.com ssum.casalemedia.com ads.pubmatic.com
13	onetag-sys.com	2 redirects stpd.cloud ads.us.e-planning.net cdn.pixfuture.com cdn.prplads.com s.adtelligent.com
12	sync.outbrain.com	8 redirects rtb.gumgum.com
12	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
11	s0.2mdn.net	www.picuki.com s0.2mdn.net
11	match.adsrvr.org	cdn.pixfuture.com spl.zeotap.com ssum.casalemedia.com rtb.gumgum.com ads.pubmatic.com eus.rubiconproject.com ads.us.e-planning.net
11	prg.smartadserver.com	stpd.cloud cdn.pixfuture.com
10	pr-bh.ybp.yahoo.com	5 redirects ssum.casalemedia.com ads.pubmatic.com
10	pixel.rubiconproject.com	5 redirects eus.rubiconproject.com adxbid.info www.picuki.com
10	aax-eu.amazon-adsystem.com	5 redirects spl.zeotap.com www.picuki.com ads.pubmatic.com eus.rubiconproject.com
10	btlr.sharethrough.com	stpd.cloud cdn.pixfuture.com
9	creativecdn.com	9 redirects
9	ad.360yield.com	9 redirects
9	cm.adform.net	5 redirects googleads.g.doubleclick.net cdn.pixfuture.com s.console.adtarget.com.tr
9	api.purpleads.io	cdn.prplads.com www.picuki.com
9	prebidserver.pixfuture.com	cdn.pixfuture.com www.picuki.com ads.us.e-planning.net
9	secure.adnxs.com	8 redirects tagan.adlightning.com
9	platform-cdn.sharethis.com	www.picuki.com
8	image2.pubmatic.com	ads.pubmatic.com
8	sync.console.adtarget.com.tr	2 redirects s.console.adtarget.com.tr
8	match.prod.bidr.io	5 redirects ssum.casalemedia.com
8	s.amazon-adsystem.com	4 redirects ssum.casalemedia.com eus.rubiconproject.com
8	image6.pubmatic.com	2 redirects spl.zeotap.com ads.pubmatic.com
8	pixel.tapad.com	6 redirects spl.zeotap.com
8	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com
8	secure-assets.rubiconproject.com	8 redirects
8	served-by.pixfuture.com	tagan.adlightning.com cdn.pixfuture.com
8	gum.criteo.com	1 redirects stpd.cloud tagan.adlightning.com cdn.pixfuture.com
7	ssum.casalemedia.com	3 redirects ads.us.e-planning.net
7	securepubads.g.doubleclick.net	www.picuki.com securepubads.g.doubleclick.net tagan.adlightning.com
6	sync.mathtag.com	6 redirects
6	ssbsync.smartadserver.com	ssum.casalemedia.com rtb.gumgum.com
6	tpc.googlesyndication.com	www.picuki.com tpc.googlesyndication.com s0.2mdn.net tagan.adlightning.com
6	sync.go.sonobi.com	ads.us.e-planning.net www.picuki.com
6	ads.us.e-planning.net	2 redirects cdn.pixfuture.com
5	user-sync.adxpremium.services	adxbid.info ads.pubmatic.com vid.vidoomy.com
5	c1.adform.net	4 redirects ads.pubmatic.com
5	bh.contextweb.com	5 redirects
5	sync.srv.stackadapt.com	5 redirects
5	dsum.casalemedia.com	ssum.casalemedia.com
5	ssum-sec.casalemedia.com	ssum.casalemedia.com rtb.gumgum.com
5	idsync.frontend.weborama.fr	4 redirects ads.pubmatic.com
5	rtb.openx.net	1 redirects ads.us.e-planning.net
5	aa.agkn.com	2 redirects tagan.adlightning.com
5	www.bing.com	2 redirects www.picuki.com
5	www.gstatic.com	www.google.com
5	www.google.com	www.picuki.com www.gstatic.com www.google.com tagan.adlightning.com
4	token.rubiconproject.com	4 redirects
4	a.audrte.com	3 redirects ads.pubmatic.com
4	cs.admanmedia.com	rtb.gumgum.com
4	tg.socdm.com	4 redirects
4	cs.iqzone.com	rtb.gumgum.com
4	sync.adkernel.com	rtb.gumgum.com
4	sync.e-planning.net	rtb.gumgum.com
4	match.deepintent.com	rtb.gumgum.com
4	sync.technoratimedia.com	4 redirects
4	sync.ipredictive.com	4 redirects
4	us-u.openx.net	rtb.gumgum.com
4	b1sync.zemanta.com	4 redirects
4	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	4 redirects
4	beacon.krxd.net	spl.zeotap.com
4	ups.analytics.yahoo.com	4 redirects
4	dpm.demdex.net	4 redirects
4	rtb.gumgum.com	ads.us.e-planning.net
4	i.e-planning.net	ads.us.e-planning.net
4	cookies.nextmillmedia.com	4 redirects
4	ssp.disqus.com	4 redirects
4	s.e-planning.net	ads.us.e-planning.net
4	sync.admanmedia.com	4 redirects
4	pixel.sitescout.com	ads.us.e-planning.net
4	ib.3lift.com	tagan.adlightning.com www.picuki.com
4	script.4dex.io	stpd.cloud script.4dex.io cdn.prplads.com
4	tagan.adlightning.com	stpd.cloud tagan.adlightning.com
4	cdn.jsdelivr.net	www.picuki.com stpd.cloud securepubads.g.doubleclick.net cdn.prplads.com
3	sync.1rx.io	3 redirects
3	cms.quantserve.com	3 redirects
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	dsp.adfarm1.adition.com	3 redirects
3	dmp.adform.net	1 redirects spl.zeotap.com
3	ap.lijit.com	cdn.pixfuture.com www.picuki.com adxbid.info
3	fonts.googleapis.com	tagan.adlightning.com cdn.pixfuture.com
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	tlx.3lift.com	stpd.cloud www.picuki.com
3	hbopenbid.pubmatic.com	stpd.cloud cdn.pixfuture.com
3	cdn.pubfuture-ad.com	www.picuki.com cdn.pubfuture-ad.com
2	a.vidoomy.com	www.picuki.com
2	uipglob.semasio.net	1 redirects www.picuki.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	log.outbrainimg.com	www.picuki.com
2	ads.avct.cloud	2 redirects
2	sync.spotim.market	s.adtelligent.com
2	ad.turn.com	2 redirects
2	pool.admedo.com	2 redirects
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	googleads4.g.doubleclick.net	www.picuki.com
2	ex.ingage.tech	cdn.prplads.com
2	ads.betweendigital.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	s.adtelligent.com	cdn.pixfuture.com
2	u.openx.net	cdn.pixfuture.com
2	s.console.adtarget.com.tr	cdn.pixfuture.com
2	contextual.media.net	cdn.pixfuture.com
2	ic.tynt.com	cdn.pixfuture.com
2	r.scoota.co	2 redirects
2	tags.bluekai.com	spl.zeotap.com
2	usermatch.krxd.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	sync.richaudience.com	spl.zeotap.com
2	odr.mookie1.com	spl.zeotap.com
2	cms.analytics.yahoo.com	2 redirects
2	dmp.theadex.com	spl.zeotap.com
2	bn01.er.bemail.it	2 redirects
2	loadeu.exelator.com	spl.zeotap.com
2	sync.tidaltv.com	spl.zeotap.com
2	dmp.v.fwmrm.net	spl.zeotap.com
2	trc.taboola.com	spl.zeotap.com
2	googleads.g.doubleclick.net	www.picuki.com pagead2.googlesyndication.com
2	signal-segments.s-onetag.com	get.s-onetag.com
2	cdn.prplads.com	cdn.pixfuture.com cdn.prplads.com
2	ghb.adtelligent.com	cdn.pixfuture.com
2	web.hb.ad.cpe.dotomi.com	cdn.pixfuture.com
2	apex.go.sonobi.com	cdn.pixfuture.com
2	prebid.media.net	cdn.pixfuture.com
2	pixfuture2-d.openx.net	cdn.pixfuture.com
2	fastlane.rubiconproject.com	cdn.pixfuture.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static.cloudflareinsights.com	cdn.pixfuture.com
2	www.googletagservices.com	tagan.adlightning.com s0.2mdn.net
2	oajs.openx.net	1 redirects www.picuki.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	prebid-eu.creativecdn.com	stpd.cloud cdn.prplads.com
2	mp.4dex.io	stpd.cloud cdn.prplads.com
2	prebid.a-mo.net	stpd.cloud cdn.prplads.com
2	prebid-stag.setupad.net	stpd.cloud
2	adx.adform.net	stpd.cloud
2	static.criteo.net	securepubads.g.doubleclick.net stpd.cloud
2	id5-sync.com	stpd.cloud cdn.id5-sync.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ip2geo.pubfuture-ad.com	cdn.pubfuture-ad.com
2	ajax.googleapis.com	www.picuki.com s0.2mdn.net
2	www.googletagmanager.com	www.picuki.com www.googletagmanager.com
1	signal-metrics-collector-beta.s-onetag.com	signal-beacon.s-onetag.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	ade.googlesyndication.com	www.picuki.com
1	ads.playground.xyz	1 redirects
1	pixel.onaudience.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	images.outbrainimg.com	www.picuki.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	vid.vidoomy.com	adxbid.info
1	cm.ctnsnet.com	1 redirects
1	as.ck-ie.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	cr.frontend.weborama.fr	1 redirects
1	csync.loopme.me	1 redirects
1	ad.mrtnsvr.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	1 redirects
1	adxbid.info	stpd.cloud
1	bs.yandex.ru	cdn.prplads.com
1	explorads-prebid.smart-hub.io	cdn.prplads.com
1	ads.servenobid.com	cdn.prplads.com
1	b1h-euc1.zemanta.com	cdn.prplads.com
1	prebid.admanmedia.com	cdn.prplads.com
1	ads.stickyadstv.com	ssum.casalemedia.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	casale-match.dotomi.com	1 redirects
1	sync.taboola.com	1 redirects
1	ads.avads.net	1 redirects
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	beacon-ams3.rubiconproject.com	www.picuki.com
1	prebid-server.rubiconproject.com	cdn.pixfuture.com
1	signal-beacon.s-onetag.com	tagan.adlightning.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	tagan.adlightning.com
1	imasdk.googleapis.com	tagan.adlightning.com
1	img.3lift.com	www.picuki.com
1	s3.pubfuture.com	www.picuki.com
1	google-bidout-d.openx.net	tagan.adlightning.com
1	node.setupad.com	stpd.cloud
1	b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	tagan.adlightning.com
1	mug.criteo.com	www.picuki.com
1	rtb.adxpremium.services	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	www.picuki.com
1	stpd.cloud	www.picuki.com
0	api.rlcdn.com Failed	cdn.pixfuture.com
0	fid.agkn.com Failed	cdn.pixfuture.com
0	tag.1rx.io Failed	stpd.cloud
752	228

This site contains links to these domains. Also see Links.

Domain
cdn1.picuki.com
www.reviwu.com
www.facebook.com
www.pixfuture.com
pubfuture.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
stpd.cloud E1	`2023-04-24` - `2023-07-23`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
node.setupad.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-03`	a year	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
prplads.com GTS CA 1P5	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
*.purpleads.io Amazon RSA 2048 M02	`2023-02-24` - `2023-11-29`	9 months	crt.sh
ads.us.e-planning.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.e-planning.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-02-09`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-19` - `2023-06-19`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
dmp.theadex.com R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2022-07-13` - `2023-08-11`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.smart-hub.io Go Daddy Secure Certificate Authority - G2	`2022-09-29` - `2023-10-05`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
adxbid.info E1	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.iqzone.com Go Daddy Secure Certificate Authority - G2	`2023-04-05` - `2024-05-06`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
sync.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
sync.spotim.market ZeroSSL ECC Domain Secure Site CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh

This page contains 191 frames:

Primary Page: https://www.picuki.com/profile/rudy_israel
Frame ID: E9130ACCC413EA8605D7FBA429C0D5E5
Requests: 213 HTTP requests in this frame

Frame: https://www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: 3C0DA83006F9A3F5490EA9B1D06488E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk&co=aHR0cHM6Ly93d3cucGljdWtpLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=93nbcugn4g2q
Frame ID: DF9C2BBD42398BAB4C4C97626B8FCD41
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.picuki.com
Frame ID: 2FB90E0C5FF949F014E5329A872C1F12
Requests: 2 HTTP requests in this frame

Frame: https://b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 389E867FB74D68BC12B1E3FFE00EF4F2
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Frame ID: C3DFF9DFD72055D39DE1970474DFB9A4
Requests: 18 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3FF61ECDC4F84F56DFD3F3A897A4F5B5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk
Frame ID: 8F765C4A7D9F47BAE18B3143A53445C5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 7992B3383969B3695D2853BE0A15C513
Requests: 3 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 0EE3B422B67278EFA55E93D5067C8719
Requests: 3 HTTP requests in this frame

Frame: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Frame ID: 3C0E957C594E30C549B7E14E44FE597C
Requests: 5 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 5B2B011FD9CB449A123BEE309A1175F2
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: DA1B057837C2635447219EFDB43249B7
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 637C5E43FF3276BCC23FBC05724096AB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNUjPIlKo3Fvjwsuc79yOAVYjjgG3a-vI-CGpMzqfeLYeSthvn_hHr5McPINEkLWGLQZvobSTW1rngc3a-CRV0fal_LGZQSTw3NQmV93ECFnoHp6iNxPSlRdwhrZTOTaPKONC1rzkFtpiNLtMtczY5lXtSjIqLqDwTIBmtH_5U73hWrPbr8
Frame ID: 3C087F4F0272CA0902796F78DF471417
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2C9724483206F04A0E21588D250196DB
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: D5ACC62BAAB1E82D3A8FF55D5FE26B7B
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 3BBC1709D910C605C9077AC99621211A
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Frame ID: 11DDC1EB5DBE589E41DCFBED6B90C9A1
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 2B4D5810A2E79C80A7E39069DEF543AE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 13FD48B6087CEA61536065D4CB913705
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: EC634B9C86EE259D77AEF5F010AF18A0
Requests: 33 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 87C59019461FEF2F595C4E371EE009F8
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Frame ID: 01D9E2AB2232FF8C599F0AF3C8A8819C
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 83884C1FAEE9892AC91B5B699F2F8225
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 146074895D7F0A379957A904892851B3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 0DA3D65EAA652D0ED29BE103FDECBBC8
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: 054898A9FA7B52E0186C976003D63919
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: F16CD2A65D235582E896B9CE6DE84100
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: A5608CDB0163D6B48E23C4BF582CD75F
Requests: 7 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AIOxlFouGHXuimNR
Frame ID: 5602A2BE75730CBAD38A96C4BE1211E0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: C792EA0F00E06E13AC405019043BF3D5
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D1FD01924C25AE21BF520DF352B84D47
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: 6DD5892C5398899C78F90B03995D1C2E
Requests: 19 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AIOxlFouGHXuimNR
Frame ID: 86AA3699E822630CCD341C0A499999AD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-06-05.js
Frame ID: 60F176E88D20C357BC8D074335E654CF
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1D572A9AAEE61C189F59804D4E1590B4
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 6E7AB5CA663562B9D34A92BACD6CD18D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 0D138BDAB0C218C2896DBC2CC7FBA1AF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D052EF5D6050C724A08FF7535102A692
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 54EEF20C236B44FD0CC81A94CE2B3B9E
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 463F90B9E4567DCDF0E3B3B667C24F0A
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
Frame ID: 269B720E1C6F927FBE31A14B666E6F1D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 27B9EB20058950FE218D4288251EE21C
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E454C18AF2A473F546A07EFCA1E98836
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: A0C2E80C0F04C2D3F1B73D5D45D6EE1B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 78F872AC8A35B1CA64223B13D71A9855
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: CF2C62AD76EF59A3375072508F56ACAD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: BFAB1226AA6C9B23CFB1287DA85BEE4A
Requests: 2 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Frame ID: A0C17763117809946A2671932E95A8AE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 8EB53A42DCCE93307B3583114ED1D06B
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: 186862E7F82D73B4F01BF32F1EBD1CDD
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: C747FEFDAC03946099BC72E9C7D54A3A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5AF9243F2A4DECD14F7245D0805A6D6F
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 958F377C76DF53F8CFEAEA20CC177875
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8FA6961C06756A42E7EAF57282343B1E
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 351461752C4A10D17D7CA3342634261C
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1686210010805
Frame ID: 7DAA2ECC763529363E462F6C83054EB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: E20AD5CE217C6388D7FA5D9177B72E00
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 39DBA14C432E6657A6021A87C8DCE80B
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: ACDD0F9783FAC0E733678355D70315FD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F8BEEF7F30F4D888E92423AF43BCDDCB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 30C6EBF1AA6B60DD2AB9788A5E0CF77F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=9cec6481-85de-4100-a882-2763fa3fa443&gdpr=&gdpr_consent=
Frame ID: 896F9133FB88DA53CD5B8AD70BFF73C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp
Frame ID: A49E4FBC8BF7C2359BA4BCE33D2E3C56
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMDE1NDBjNC02YjhkLTQ0MWUtYWE0OS02NDUxY2E2ZmExZmM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 8F16D2B84038C78BCFC7C8DF8F8733D7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 393E37368B17F1D22733482B99D5CB48
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 59CABE450237BBDE8EEC15A9A50A611A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 6D12BAD3298A89E9CE3976DBC9C9971A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 0AED97DFA22E4CA45FA781B0218DBCD1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=1a106481-85dd-4f00-93b4-dd67057587d7&gdpr=&gdpr_consent=
Frame ID: B0F16400D0BE48965239081F18BD7641
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQGejc6AAn&gdpr=&gdpr_consent=
Frame ID: EAD5987AC3F6E09953CEEDF22A85EC0C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNjY5ZTZhNi0yNmY1LTQ2OTktOWIxNC05MWFjY2NlZGJlMDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D3335BCBA43C354DFFE2F24BC2D0721D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5tEAANyoq6gAAAAA
Frame ID: 07F6A7D0947E0C79C475FA6C6C8C75CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70B778C8FB70913BEC87B1F4605AE104
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
Frame ID: C7B2AE1005138219DB198376611718D4
Requests: 13 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic&tc=1
Frame ID: 6967A38F60DCEDF35AA18A16AC9B89A0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: BE5A334361E290C11610EAA97D73BC66
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 07BA6522FFE45ABFBC25B1A9F303890E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Frame ID: 1E6CDBBB29C5F0192E7601748C687949
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5ucAAOzzFLsAAAAA
Frame ID: 4CAC3C0EF29BFC9C15A7DE271715AD57
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 068B5CB19994557AC55B86635E641EF2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 806837C0CA6F8EE7F5D7E1FC0740CF4B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
Frame ID: 7A9F73AC990B2766A5E082B0E5DBF829
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7C0172046371C1AC1791A654C8D85694
Requests: 3 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 92FF7D36601B2680F3F00A048044654B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 99925A8C928BB6FBC0A7C03E6640B653
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
Frame ID: 71AFCF320D2CDCE346344E3758100558
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 522029A9E7301AE518E2A0EAC5860EA5
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:48866481-85de-4f00-8fe9-3444e552210b&gdpr=0&gdpr_consent=
Frame ID: 8B8EA2C126822278CAA730D74929A502
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1231002253622186881
Frame ID: B83FDD8DC11359A78481593FE45306D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1BC0B696906546BE6295EB015646838C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326816305658
Frame ID: 8D556AB62238EE433923CFECDC52B747
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 4954D064E6EF9DE8BAE13A6F8B035A1D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7
Frame ID: A873BA1958670BE9F23863611AA93270
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2010292523365572458&gdpr=0&gdpr_consent=
Frame ID: DDB1164CA3E8854F8E98122096FCAD50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7242216864319142038&gdpr=0&gdpr_consent=
Frame ID: 1F6F0ABAABADD097E60A6096878E2053
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7JAwwAACKUk8iBSg&gdpr=0&gdpr_consent=
Frame ID: D69A9BD1B303308CD69FC7AC72793391
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 6507C7BF8FE6EF68F407FD71CE8E9D4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=
Frame ID: 407E6C50919624BE859C6227E30D4E3E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 91AB3C863FD8F71D17F1C84144AF02AF
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 33198B69AFEF6168AB11560F1A4E0D68
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=16yp2tak7zyl
Frame ID: 3F4B8DB8A160A94E51D6584F4ACF0CD9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B3D3068A3E293E68C9A39C5462D1DFB2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVbhVUQggUQnbabgg&gdpr=0&gdpr_consent=
Frame ID: 3F4FFD7434218F4A86E13386A45706CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
Frame ID: 1D36F5AC13B259E3021FEBDDC06243F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: ADBDB5366BB76F2115E95EDB3CD8C792
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 4B0D44F08ECBDE255806004192F147E1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: 191D7241050AF1B1C3A47E29699C595B
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 2DB8E5F82D93072475E9A4EF2ABD4A07
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Frame ID: AE405BBBF0AF2727BC259ECA5FCE9A56
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIOxlFouGHXuimNR
Frame ID: D2A638830213569E47FBB4A3DDFF511C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 5E9296F0B343B845248C50B5CA09BF8B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 1FFEF1E8C76F32C7393B45B93625E29F
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: A38E4C0A1187FE887322DA0CD7044B76
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=3774514616463086421&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 4386308A226421FE4D8BA0827474C8C3
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 353B71DFD7E91EC668E3A77DAD17B8A3
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 143D7FE3B120515EA08A889DF2084245
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 1692FD3B8CBFB88090821828EA584978
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: F2620F40C70F083B3D6D69BB09A763BE
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 65D71DCA7197761F8BE117584496AC17
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: CF1AC99EFB65B0440885F3EF8B3E49D6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 28976F91F69297FE13CAC5E358090F29
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: D1796883C0F2928AAB13C08533B40666
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: D2405956EC65ACB61BF4BB8942A1CC95
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
Frame ID: 7EC5C249E15A244C56EA4BC5BCD11157
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 6989DD67D32BB8CF55C0477926CF2151
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1606DF45FBA08B2E5B5E3F4D0BC85C63
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: D0D5507080E6A9C26BD32CA4B074F0A0
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 00A415A6D2A612B1606987DE99E66749
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 80BAB12FAF3F7F12D6FF10F9C63BAC28
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 0081CD31543147F34B50C64602BB7716
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=48866481-85de-4f00-8fe9-3444e552210b&gdpr=&gdpr_consent=
Frame ID: 5BD37C46E8517001442F0D657838A32F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
Frame ID: 514C93BBEBA6DA256DB6B3482A648514
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNjY5ZTZhNi0yNmY1LTQ2OTktOWIxNC05MWFjY2NlZGJlMDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CBBE09C3362602FDF31C1BA9A5E6CBFF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ukAAJL1eIgAAAAA
Frame ID: AD5AFCFB183393FCAE86600C883CB9BB
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: F5450915ECB5112D2ED77EBDE4DF7158
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: AD0CA494A1F0E51C995C73C0B0F970D5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
Frame ID: B66CA58111F3E34BDC658245327DC755
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 078231A6CEBE53486F46D8FEAC5EEFC1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 1D2D9EC34BE512912A8997C88C04AD5C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 8E6B9A25DDB64356A7523216B83B5264
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 97E4367EC906CB35A0FCD441767DEFB9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 8EC79F8506F9043FA8E32C2C58CA8CF3
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Frame ID: 2EDA90FC7645390AE69C1F34D02B8A2F
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D5919A5A153E6A0F281C00512A4EFD04
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: C727D7E7F71ED4738F0BB651466D98D9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 0E5A12F0D5017E1FFFC7C016B527900D
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic
Frame ID: D17BF87FBD850188AB4CA9211F882171
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3774514616463086421
Frame ID: 0DD3FF5C90C05157B70F7BFC6718004D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 2DDBBE6CA2F4C318BC61E923E053D15E
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=3774514616463086421
Frame ID: 0E231CC9146E4DE6C8231B3646B1B792
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Frame ID: 86B8D1050497329C1BC1E929AECD72FA
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: C57ACD2F6D0AFB4E237E7DEDC09E5EC1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D84e816764fcbc1fd%26uid%3D
Frame ID: 256E51D0082D9F173100F942631636A2
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIOxlFouGHXuimNR
Frame ID: 15272A74A47CDA313502B5A689464E21
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 6FD5919F0A288FBC7D7298FC34915117
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: B30B136CCA69FE69D3234F809CE02C73
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 461B7B64BE411018DB9896AB2B8EC37B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 09517272BFA00550E349EB8ED36F92E6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=829f6481-85de-4c00-be7d-06d6e712ce7d&gdpr=&gdpr_consent=
Frame ID: 09C7EF64DE1963518601598C71685AAE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
Frame ID: FFF287D54D8A65B01B29E96DEA3C97A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNjY5ZTZhNi0yNmY1LTQ2OTktOWIxNC05MWFjY2NlZGJlMDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4D45A87EBF1BE795C65F63C5918CBD1F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ucAAOzzFQAAAAAA
Frame ID: FE92F5CB6236E1DDEB2CC2EAC6747C2E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 08F9DCFA40EC193C8475B248DD49AC45
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: C2669DD556A73CFC8332004BD865090B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
Frame ID: 9A0C0075B7F6664767F16FF88FAC1A3F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DAF8052959645148AA1C1129BFDA8B71
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: 89323A35021B6198B08F42C971E449FE
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: EC701E4417E466601964A8EEC4D5E63D
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C7A6EF67927E6655CDC3D96DB006CD43
Requests: 1 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3YTAwMjBlMjgzODhjZmI2ZmU3YjA5Y2JjNDFjZmZmZmY3M2YxMWQ1M2ZlYzExZTBhZDUyZjM3ZWIxMDE1OTEiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 60C606C03B1C64458FC38597FFB73B82
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
Frame ID: F207C9ABD45F51882A6C4BAD32A033E1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A266F33E79D0587E828266969EC38061
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-066a66fc-e29c-4985-983a-818a7e1795f8-003
Frame ID: D4E369D0C7C45BFF225C02355A2F9509
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1AB4DF700577B185EEC9904CC2315B31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D998252CA44F4710BFAB481463D50A6D&gdpr=0&gdpr_consent=
Frame ID: EB573DFD61C43423566126DD25C2A8BA
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: FDF0AFEE9DA796CD04EA4D7B79171B93
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: DB21030D9AC6D1D07A5EF86A9744CF71
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 13685C0403CB54AC12F1E819FD9BACCC
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 7E769BFA71BD0A8A8096B01F0EA3D2AA
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: A37BBE9184F68B17C96DF3C80C402923
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 82AB8335B6BF5469499B1A89143A4E60
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: A46DB33FD59FB1371F5930337A16B152
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: D96AD60EF896F6C34E51401A4A2AD48E
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=84e816764fcbc1fd&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 13B4661DDA3740B9B1D6EC2198C7CE53
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: 449C91FB65E11641768BA788BEE305CD
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Frame ID: DA57C5A4145C715647C392445079AF02
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=80177
Frame ID: 42CF30A4574F2C063689BAFAB005AC9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E7153D5784186FA518A1B10DE2E7270
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 615A95DB1CDB477BF16D5028EC857CBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

@rudy_israel Instagram profile with posts and stories - Picuki.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

752
Requests

80 %
HTTPS

27 %
IPv6

133
Domains

228
Subdomains

158
IPs

16
Countries

8066 kB
Transfer

13182 kB
Size

174
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0Wg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASudYz5j4o0iUFtVCT14Pk3dTLKJRDhV5qufXOqrvDJu8pBpl7o1LnUYbXSs8scrVWCpNWwSDv5PHL%7C%7Clo79UvOa0LGFq5TCQNPxBmmYUjs2nZ6phl4Ij7ayThUXxpoIjJWgHoCUiIEchrM7Oqz0YXfm+McF54555RYgPi9NYur+53Rq2ElIlc20jRmi2k47WkrlRszDJTGwUwzD0U+8+K0FDoHqK5hVhpa4PqaSDco5u26Nv%7C%7CPWRQ25aDzxUhhJKpYOXrSGbMTKR7xB8mnbrypaSdqgOvL%7C%7CeCuGcev7k+QrVfZLqF5Z7eW87MbrZVgKKdK3jVZAMwc1wEvtxxFexrQDqJLGhiw==.jpeg

Search URL Search Domain Scan URL

URL: https://www.reviwu.com/ig/rudy_israel?modal_rate=1

Search URL Search Domain Scan URL

URL: https://www.reviwu.com/ig/rudy_israel?modal_rate=2

Search URL Search Domain Scan URL

URL: https://www.reviwu.com/ig/rudy_israel?modal_rate=3

Search URL Search Domain Scan URL

URL: https://www.reviwu.com/ig/rudy_israel?modal_rate=4

Search URL Search Domain Scan URL

URL: https://www.reviwu.com/ig/rudy_israel?modal_rate=5

Search URL Search Domain Scan URL

URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZAthMvg%7C%7CX5zJRI2HTXJezd%7C%7Ckv0vIilRDycMNTTXS7yAPkpR76rrU+rW1jBl854U5rxbayxLMCnAo5JvDD+YMjZWE+lEUK7z+eZCsYGmBlAM+GDPPbUR4BtbnsqOWppW4IEas%7C%7CvUunzP7b4WEi5LylEtJ0ckpNnUmCAyDq2gCMJjrJlEb6QlhP0J6eLAjR+fJ2suXEhwPjqQs4%7C%7CPrfQ71hn+ThNhqmKqX6cBGBgLr0+SoDo%7C%7CnNws26%7C%7C3GIBH0f1qh7PWezMLdmI74Stgk6u1g37ea2+ny0Zc1y3fxbLiP6xopZH+LP2OQdru3iDNILLRGf1zU3kwA%7C%7C3CDg6MdrOgFJUMwd8fTKwchQ%7C%7CnqV%7C%7CqI+XLjUAoXG0f1mTeWNRPTf6i0rz52lXbkRu%7C%7CiT4Op8C1Q+BU31pRq9KPziBxQ0uXCcpBCTLV%7C%7CmY7EOlmZIT%7C%7Cy87sONFbZEM9Gac2hESms6d+Ehy9gJUbS4lFCepJq10LHbK9yrKBrvV3Ee9wB2qIodwOEMLfSixOOQvm9GJC8GiUdg1GqMdDo8ZgpF995fFH0JAIskQJn1npSLxtNYn6lwSPt%7C%7CZgnf8eI2xmcYL7lTPGOyR3illBkJhycmd4C%7C%7CTySLvy6+XakNOocce1XYx8dtxOy++wOaKAaMgSs915Z+Exws4NJh2N8EPbNULOcKGrAA5M8gkAla+EwEdIq2NVGHGz8GJR45l38+23aBKLb7LT89QXVISyEnkhm7OmSjYnOE8UlZhhlbOa9fMujweZk4FfPqpDd02gMAXZgP8nJvg2cDsX+tg1cViMkyg8gAgp0gWx2o6wtsbmV18S61HqIoh4dzhtX9%7C%7CZ5k4+fWv7ss8TpXyCL9nsQ9WKT6xqLWg8ZGTJzyUMrqPnsSK1sQ==.mp4

Search URL Search Domain Scan URL

URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCh4CRzJwVjGjeVeiBj5ogoV19WAlUVPUPYSrKASDZd6qmQXe+lvDFm8ZZnkLk0LH0ZYXKv9McvU2KpNWwVDq1PCq3yo75egvmECzNf9DHwaNxB+j5oqOrycaxPmpJxu%7C%7CCF0nnj77wbNwcYxH4NLmw%7C%7Cjfn7vzlZbuLzPMVhpIZ7SLYvo9Qs5cnio3e8CG95TXl9DhnJk4fVnMcOiS3QJzE0wm3+TJMMN1wajGOisiBo4IgGpoOgZ79g4d0StYnZHCA4UW9UrwAzg5eymTfIZnTk00RTkC2BjLC1fPcotYHxIuGcWJXqwyyGUb%7C%7CdK7hNSSdeUKuQbFHfH%7C%7Cq+BJV9ktxjNOJL0F2Y5yeFOeL9+iBeQjBOjmmqIp9AFNqs5o6F01aWlC7T9VVjwZXoIuoFmwcOoJDb1lQpKCmVVp0XbWaQ5l4hLchTLJbqlY3yWsl7YjYDFIhBkFKKosB1JRqTlogaO%7C%7CZQfOZNt18+a62T48eF2%7C%7Co3Pu9BW1yxrZcHdt7tQgNNDhKnwUhggFWlUyN40NhD2PdLrm528tR2+Yswi2oasE3lS4Qxb5XIvX64pNBgnu8SKm9edZXnlTi2JDRgi05N5Kl+ExNRE9jXWrHQ6u7J9tyEavbAYqx6QPFC292wP5alFa8Tp+xRCOgi2qkqHAWc7kPQMm6Hcs3MKhB48DQSr5OT6F9HgnxEDBuK01t71ZpM2I+ifA+pdYP9qdQyYJieMGYchIqXDWg1ezEGislPpcvsvKNvqC7lhoJEWv9DZ0qHMQmF9JhHA909LF4vidoJc22csDsYigoZ1BKD0ae0o57of1p97ln0JOl%7C%7CRUIWGKa+i15pJHXyjJoLoTOJd4bpRdqPSA==.mp4

Search URL Search Domain Scan URL

URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZAthMvg%7C%7CX5zJRI2HTXJezd%7C%7C7Y4vVikleiQIO03cOMaMTj8g7N7sIOmjpjUQ85dmnclbayxLMCnAo5JvDD+YMjZWE+lEUK7z+eZCsYGmBlAM+GDPPbUR4BtbnsqOWppW4IEas%7C%7CvUunzP7b4WEi5LylEtJ0ckpNnUmCAyDq2gCMJjrJlEb6QlhP0J6eLAjR+fJ2suXEhwPjqQs4%7C%7CPrfQ71hn+ThNhqmKqX6cBGBgLr0+SoDo%7C%7CnNws26%7C%7C3GIBH0f1qh7PWezMLdmI74Stgk6u1g37ea2+ny0Zc1y3fxbLiP6xopZH+LP2OQdru3iDNILLRGf1zU3kwA%7C%7C3CDg6MdrOgFJUPxdgeTKAXggzlo1LoIObLj0QlUWAc1GTbXNRPTf6i0rz52lXbkRu%7C%7CiT4Op8C1Q+BU31pRq9KPziBxQ0uXCcpBCTLV%7C%7CmY7EOlmZIT%7C%7Cy87sONFbZAkMb6c3rkS5srN%7C%7CERyy9pdvRP5ECOl4t00EarGC+LGev%7C%7CUxDv9wRXanhOEOEMLfSixOOQvm9GJC8GiUdg1GqMdDo8ZgpF995fFH0JAIskQJn1npTrsPNJ+DtQO6iNxVn9FXPWNmW4X7lRaiJzIIkm58+rJuLgREC%7C%7CTySLvy6+XakNOocce1XYx8dtxOy++wOaKAaMgSs915Z+Exws4NJh2N8EPbNUK1bOP%7C%7CGRNbjgQBv6+EwEdIq2NVGHGz8XQP6sxM8IDvBRKLb7LT89QXVISyEnkhm7OmSjYnOE8UlZhhlbOa9fMujweZk4FfPqpDd02gMAXZgP8nJvg2cDsX+tg1EU6w93swvjUS%7C%7CW2l46CWt8W9QzV9oEqPVLxzUzRKXcjCinUIfzHCjZVkpXyCL9nsQ9WKTqNvKmg8ZGTJzyUMrqPnsSK1sQ==.mp4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.pixfuture.com/
Title: About

Search URL Search Domain Scan URL

URL: https://pubfuture.com/

Search URL Search Domain Scan URL

URL: https://www.pixfuture.com/advertisers/?id0348293521d
Title: Powered by pixfuture

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.picuki.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Request Chain 119

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp&cc=1

Request Chain 129

https://gum.criteo.com/sid/json?origin=publishertagids&domain=picuki.com&sn=ChromeSyncframe&so=0&topUrl=www.picuki.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=KpB4UHx4SjlTcTZUVnFCQTVNeGpJRW1TNGZOVXdFWEU1NmRUMCtEcTBwTmpnYWg0cWVSSUVsS3ZKYXlhbHZhWjIyUEFud3FWUEJQQXVSc1d3Vnh1dXhpMm9jS3o2amxlRGdLL0RlbXRsc0lvNEFDOFlXZHprV0IzQ2dwUDAxWEREZnRYL0RrbjI2Z21KN0Z2ZXFHMVJnYzRzVzdqc2RUa2NXNm1JMjg5Q1d1UzMxalNxOFNSSVUxWHZ0Z2M4b0JZKysyUTg4UVd4Yzd2eEFObGVVL0VLb1NONjkrd0NXd3B5V3ZoQ2VvVS9LQ1VrbzlTcUlNRGJTcDFVSXlLWEQxQ21wUEl1Nko4Zk9Rd3NlbW5iRWVwL3hZY2pIZz09fA&cppv=2

Request Chain 154

https://www.bing.com/api/v1/mediation/tracking?adUnit=11722698&auId=75b266bc-8ba7-4b64-904a-3735784b9a4f&cmExpId=LV3&oAdUnit=11722698&publisherId=250152235&rId=abdfaa95-d3c8-49a1-933d-285cdbbcabcf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D01e7f56633f24591b65284b4a0ba47f5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=457518&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=735614601665552446966-277&wp=0.372 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=01e7f56633f24591b65284b4a0ba47f5&SNR=1&GV=2&med=10

Request Chain 212

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea

Request Chain 229

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

Request Chain 231

https://www.bing.com/api/v1/mediation/tracking?adUnit=11722698&auId=75b266bc-8ba7-4b64-904a-3735784b9a4f&cmExpId=LV3&oAdUnit=11722698&publisherId=250152235&rId=abdfaa95-d3c8-49a1-933d-285cdbbcabcf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D01e7f56633f24591b65284b4a0ba47f5%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=457518&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=735614601665552446966-277&wp=0.11715032191844733 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=01e7f56633f24591b65284b4a0ba47f5&tids=15000&med=10

Request Chain 245

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

Request Chain 249

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

Request Chain 257

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

Request Chain 259

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=512c8d1a-6218-40f6-b0fd-0f93a0625f6f

Request Chain 261

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

Request Chain 262

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

Request Chain 265

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D719ef7d6c453fa93 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

Request Chain 266

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 267

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Request Chain 275

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=23203a34-96d5-4928-aeba-f249f1859c57

Request Chain 277

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

Request Chain 278

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

Request Chain 281

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D719ef7d6c453fa93 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

Request Chain 282

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 283

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOSSwkB0MaqtCb1D0iD3E4Y&google_cver=1

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESELAcz9oiUtr4S4jvJ0n8Ibg&google_cver=1&adform_v=1

Request Chain 299

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 306

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 308

https://bn01.er.bemail.it/zeotap.php?_bid=6ba0c5d9-c240-4ffd-510b-0571de52e190&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-39543-0.057896001686210014-34a3a090514ef5cf2ce0a030db54e22e&zdid=533&env=mWeb

Request Chain 309

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7242216864319404177&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 310

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190

Request Chain 311

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6ba0c5d9-c240-4ffd-510b-0571de52e190&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6ba0c5d9-c240-4ffd-510b-0571de52e190&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361&bounce=1&random=2405145683 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 313

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6ba0c5d9-c240-4ffd-510b-0571de52e190?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 314

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

Request Chain 315

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

Request Chain 319

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361&_test=ZIGF3gAQJeglywAp

Request Chain 320

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=48866481-85de-4f00-8fe9-3444e552210b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 321

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 322

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&dcc=t

Request Chain 324

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&puid=b4ae8750-05cf-11ee-8f69-d1554a111ef4

Request Chain 325

https://pixel.rubiconproject.com/token?pid=41544&puid=6ba0c5d9-c240-4ffd-510b-0571de52e190&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 326

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Request Chain 331

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 338

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 340

https://bn01.er.bemail.it/zeotap.php?_bid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-14468-0.064534001686210014-d74a102689b7fbcd5705c0f79940faac&zdid=533&env=mWeb

Request Chain 341

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7242216864319142038&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 342

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c

Request Chain 343

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361&bounce=1&random=1112119810 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 345

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 346

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

Request Chain 347

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

Request Chain 351

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361&_test=ZIGF3gAQHgeLVQBL

Request Chain 352

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7e3b6481-85de-4000-a8c2-91825592050f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 353

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 354

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&dcc=t

Request Chain 356

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&puid=b4b739e0-05cf-11ee-bd02-e17d6f4cfdd2

Request Chain 357

https://pixel.rubiconproject.com/token?pid=41544&puid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 358

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Request Chain 368

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG6YoXu1aA3osC12s57wpwg&google_cver=1

Request Chain 369

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 370

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIGF3crsBtBhjTc7KJhXoQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENyt3hOOk6kuIc5y0DQ_IcI&google_cver=1

Request Chain 371

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=352&user_id=34a20656-135b-472d-a6d1-d1724b320c30&expires=15&ssp=index&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 373

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAA%261188&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8434d907-ece8-4b8b-b5d0-e37cf5319b13-tuctb7b0b5e

Request Chain 374

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D998252CA44F4710BFAB481463D50A6D

Request Chain 377

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

Request Chain 379

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZIGF3gAQGejc6AAn

Request Chain 380

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 381

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1686296414

Request Chain 382

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=882165fd-8124-4f91-82f3-530e3c4e40ee&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 383

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458

Request Chain 390

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458

Request Chain 399

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=309d29a5-dbf4-4b1f-ae51-a2916d257dd7&ssp=themediagrid&expires=30&user_group=5&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDgyMjFhMzUtNTI2NS00Y2YxLTk2NjgtYzdiNTRlZTAwZDk3 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

Request Chain 406

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736

Request Chain 408

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

Request Chain 409

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

Request Chain 412

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D719ef7d6c453fa93 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

Request Chain 414

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 421

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

Request Chain 422

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=9f633271-48a5-529f-8ec7-abbcea462e62&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 423

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

Request Chain 424

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 425

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=ZodCt5L8SEDL&ev=1&pid=558355

Request Chain 426

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 428

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

Request Chain 429

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=ef42829d-4d1c-42b6-a969-46000a4e85ec

Request Chain 430

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 432

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

Request Chain 435

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

Request Chain 436

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=3774514616463086421&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 437

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

Request Chain 438

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 439

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=fTnqCj4A4OGn&ev=1&pid=558355

Request Chain 440

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 442

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

Request Chain 443

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

Request Chain 444

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 446

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

Request Chain 451

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

Request Chain 453

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB

Request Chain 456

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3774514616463086421&expiration=1687419614

Request Chain 457

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=829f6481-85de-4c00-be7d-06d6e712ce7d

Request Chain 474

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3D39c147d2-4c37-47cb-7311-d54e4abb00b8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361&puid=b4ae8750-05cf-11ee-821a-9b29867dbf7b

Request Chain 481

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=9cec6481-85de-4100-a882-2763fa3fa443&gdpr=&gdpr_consent=

Request Chain 482

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp

Request Chain 488

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=1a106481-85dd-4f00-93b4-dd67057587d7&gdpr=&gdpr_consent=

Request Chain 489

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQGejc6AAn&gdpr=&gdpr_consent=

Request Chain 491

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5tEAANyoq6gAAAAA

Request Chain 497

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic&tc=1

Request Chain 499

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]

Request Chain 501

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41

Request Chain 502

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5ucAAOzzFLsAAAAA

Request Chain 505

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1

Request Chain 506

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 509

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1

Request Chain 510

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 511

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:48866481-85de-4f00-8fe9-3444e552210b&gdpr=0&gdpr_consent=

Request Chain 512

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1231002253622186881

Request Chain 513

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 514

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326816305658

Request Chain 515

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 516

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7

Request Chain 517

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2010292523365572458&gdpr=0&gdpr_consent=

Request Chain 518

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7242216864319142038&gdpr=0&gdpr_consent=

Request Chain 519

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVUpFN0pBd3dBQUNLVWs4aUJTZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUJE7JAwwAACKUk8iBSg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3688540480025365657&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUJE7JAwwAACKUk8iBSg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3688540480025365657%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3688540480025365657&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUJE7JAwwAACKUk8iBSg&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7JAwwAACKUk8iBSg&gdpr=0&gdpr_consent=

Request Chain 521

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

Request Chain 524

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=16yp2tak7zyl

Request Chain 526

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVbhVUQggUQnbabgg%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DuroLIz3lVbhVUQggUQnbabgg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVbhVUQggUQnbabgg&gdpr=0&gdpr_consent=

Request Chain 527

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=

Request Chain 528

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 530

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8RiZcNXrTRCkVys3a6CkZQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 532

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F1189970-D5EB-4D10-A457-2B376BA0A465

Request Chain 533

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F1189970-D5EB-4D10-A457-2B376BA0A465 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjVhTW9tMGdRMnNUaVMwWU9yTHo0VmVZQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=3774514616463086421&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 534

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjExODk5NzAtRDVFQi00RDEwLUE0NTctMkIzNzZCQTBBNDY1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 535

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOZpGakKsn2VDYyNzP-cro4&google_cver=1

Request Chain 537

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3774514616463086421

Request Chain 539

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sr6aq1pE2uXKlhvbRZWlXe5QOG1Jh7M-~A&gdpr=0

Request Chain 541

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2d70351a-f4af-4822-b3c9-9f8c985a601d&user_group=1&ssp=pubmatic&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 544

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7058944085178254639&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 545

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f88bb8b-5921-4474-8040-9794c72f09a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 546

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMTWKIL-5-GIAW

Request Chain 547

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNVFdLSUwtNS1HSUFX HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKCB7akRXzg_6YYmfrCKpHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNVFdLSUwtNS1HSUFX&google_push=

Request Chain 549

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Um-yxoBNSEaGXrr9EpV1Xw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Um-yxoBNSEaGXrr9EpV1Xw

Request Chain 550

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/6RAsKWTE217n7bbqpuDpTw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BFiptOtE2oJqaSGPBjGTFcKBoQ0gpFnipm5wcw--~A

Request Chain 551

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HW0q56YLQOmgdGpSpx3Y1g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HW0q56YLQOmgdGpSpx3Y1g

Request Chain 552

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFCpBvGYjObe4lgYqY9jso&google_cver=1

Request Chain 553

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2E4ZGU4MDAyY2NiMzNlNDVmZDdjODQ3NGRiZGU2ZGE4YzI4ZmNiNQ

Request Chain 560

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]

Request Chain 567

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 303
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=3774514616463086421&gdpr=[replace_me]&gdpr_consent=[replace_me]

Request Chain 577

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458

Request Chain 580

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDgyMjFhMzUtNTI2NS00Y2YxLTk2NjgtYzdiNTRlZTAwZDk3 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

Request Chain 582

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

Request Chain 583

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=eb8be46f-aed6-4dc4-aa9d-aa40b5263471&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 584

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

Request Chain 585

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 586

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=So7fVNA6LfTd&ev=1&pid=558355

Request Chain 587

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 589

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

Request Chain 590

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

Request Chain 591

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 593

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

Request Chain 601

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=48866481-85de-4f00-8fe9-3444e552210b&gdpr=&gdpr_consent=

Request Chain 602

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=

Request Chain 604

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ukAAJL1eIgAAAAA

Request Chain 608

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D84e816764fcbc1fd%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=84e816764fcbc1fd&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736

Request Chain 610

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D84e816764fcbc1fd%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=84e816764fcbc1fd&uid=2010292523365572458

Request Chain 611

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D84e816764fcbc1fd%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=84e816764fcbc1fd&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

Request Chain 614

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D84e816764fcbc1fd HTTP 302
https://u-ams03.e-planning.net/um?uid=csuid_038148ae-9f03-4456-a7d3-49f8363efbfe&dc=b337141cfdc8cf59&fi=84e816764fcbc1fd

Request Chain 616

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=277e93d456c19b933cab211609ac3880d2fca623cda996fa2448985973b87c36

Request Chain 618

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum

Request Chain 619

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 622

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]

Request Chain 624

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 629

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic

Request Chain 630

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3774514616463086421

Request Chain 631

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]

Request Chain 632

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=3774514616463086421

Request Chain 633

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41

Request Chain 640

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

Request Chain 642

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIGF3gAQJUIl8wAp

Request Chain 643

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gIEClY6AXsGbg1mThoAXkIHQXsCbhQuVj9QwEdh8

Request Chain 644

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458

Request Chain 645

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9f23cfbe9609412eb598ef1193740aa0&expiration=1688802015

Request Chain 648

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3D561114f0-056f-4902-6c2b-d25d22d55e81%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361&puid=b516bf00-05cf-11ee-8f69-d1554a111ef4

Request Chain 658

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

Request Chain 659

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=So14Z0SMJDNRjyNhTIxtYkvcJDJRiXFnRdgrZCTi HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

Request Chain 660

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

Request Chain 661

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 662

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=sVhBnn5kpWXX&ev=1&pid=558355

Request Chain 663

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 665

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

Request Chain 666

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

Request Chain 667

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 669

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

Request Chain 676

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=829f6481-85de-4c00-be7d-06d6e712ce7d&gdpr=&gdpr_consent=

Request Chain 677

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=

Request Chain 679

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ucAAOzzFQAAAAAA

Request Chain 683

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum

Request Chain 684

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 693

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188

Request Chain 705

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3774514616463086421

Request Chain 709

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 710

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1686210017142 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6738148346 HTTP 302
https://sync.1rx.io/usersync/turn/7058944085178254639?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-066a66fc-e29c-4985-983a-818a7e1795f8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-066a66fc-e29c-4985-983a-818a7e1795f8-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-066a66fc-e29c-4985-983a-818a7e1795f8-003

Request Chain 712

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D998252CA44F4710BFAB481463D50A6D&gdpr=0&gdpr_consent=

Request Chain 715

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 716

https://pixel.onaudience.com/?partner=214&mapped=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 717

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2010292523365572458

Request Chain 722

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3774514616463086421&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

Request Chain 723

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8464df2e-e98c-4dce-abb6-8bc9643cf375&vid=a6f37f0123013099a595be2217fc435a&dspid=openx

752 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rudy_israel Show response
www.picuki.com/profile/ 99 KB
16 KB 1135ms
1046ms Document
text/html 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1214b9d9e53bee3269cb3021103388c665436f0f9ac93a4a301483971229879d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d3f7c27b8792c46-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 07:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQAyW74rZmBQlKnJiBxGAZYjwQFY0ZZdmtkjcSW%2Fttr7b4E74zS%2B%2FKb9TIsbK9NUE2pp7oYtbW8wYN1%2BkAYcpCn0bKBJOCfXgNh6%2B1EMCzh8VpPsIfKD0gNPqnRO%2F%2FbR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
www.picuki.com/app/assets/css/ 123 KB
20 KB 487ms
485ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/css/style.css?v=1686210009
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f086e62a5ad212baa7d002ca0ec5611e2b1cf8ad5689d213aab9e14dfc844012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 31 May 2023 11:58:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64773669-1eae2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGvLjZGBNkhj76u4LnV9Zp5hCVKhESv%2BDH6B17vQK5twRVHebP6yZDrJQX%2BfWXcapYUxSOPyIFey1servbNVOdDGsK1d8xR1vvsI2A9B5K8BQZtmBiAbglgzn850m1JE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f592c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello.css
www.picuki.com/app/assets/fonts/fontello/css/ 3 KB
1 KB 59ms
56ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/fontello/css/fontello.css?v=2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13145862
etag: W/"5dd697be-b3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYsJXkCM%2FVfOs3B4c%2FeB3w3Fs9NJ4RuQTkbbiXKcFAALYQKKrRqIiUa%2BqRrg8L5nrAa31HnNSUDIQqDwcYvEyXFAwnMhfr%2Bb%2FVTJKa8b%2BMo8KeAOadI4uAIWQF%2BOrDP0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f5c2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-codes.css
www.picuki.com/app/assets/fonts/fontello/css/ 1 KB
667 B 47ms
45ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/fontello/css/fontello-codes.css?v=2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:57:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13166632
etag: W/"5dd697bc-472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS6SgzXrJlSkn8dehUM0twLdlqUiTo5pQb%2BHMLxhyD%2FVm%2FGY5WgADbZXq9Z5RAC6kmYIp948ZrJsPVHpUQXAAgOJud3HHSXiDsiz5P1DS5iLOYFI5%2BM5XyXWBCyjG2x6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f5e2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flaticon.css
www.picuki.com/app/assets/fonts/flaticon/ 25 KB
5 KB 48ms
46ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5dd697a1-64e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgi2HEb885b63jsTy3VGx%2Fpf1HrhFhdvXH3vMsS5y9wh2eztiIOlTRZgQu8q4ONlUwTFiTQSpKDmI60mHaqyU%2BZeL7pv23UhGb0u5q1PdmBbqmMvQSvAHDPx%2BGuEVEDl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f5f2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flaticon.css
www.picuki.com/app/assets/fonts/flat-comments/ 832 B
739 B 61ms
59ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407554
etag: W/"5dd6979a-340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZcVWALiTyqY6P21IdIOku25KnVSSVtJHLno0AH6QdJ71ymgXP3IuQzmaSC%2F2obDtjpArIiYA3VtceCNnaN7h26uestd0E3e6N8m9UIDuoWKWycz11we9%2Fnh3645FYLv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f612c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
48 KB 145ms
49ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153071106-1

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6adcb5a4228db56fe8b22d0ef9dd538b16da2b7223965eae4f9c4a2a855b0ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 07:40:09 GMT

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 143ms
41ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 07:40:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7324824
x-jsd-version: 0.6.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2213
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: version
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 189ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

464082a18d12427498d9c87bd6e6af4887ee89b345253038f5ef3ebea7c6145c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25288
x-xss-protection: 0
server: cafe
etag: 397 / 19516 / 31075139 / config-hash: 9074073763038175863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:09 GMT

GET
H2 200 3528 Show response
stpd.cloud/saas/ 462 KB
124 KB 189ms
98ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/3528
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f221adec10d37c10bb6e652f396f6918221183972ee951efe36da2ab9fd37387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Thu, 08 Jun 2023 11:40:09 GMT
date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 07:36:17 GMT
server: cloudflare
age: 232
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7d3f7c321d5f6958-FRA
stpdhash: cache

GET
H2 200 pt.js Show response
cdn.pubfuture-ad.com/v2/unit/ 6 KB
3 KB 138ms
51ms Script
application/javascript 2606:4700:20::681a:61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubfuture-ad.com/v2/unit/pt.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 94079
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
cf-bgj: minify
server: cloudflare
etag: W/"19d4-fKxMfwaT/pKWztkbnqHGCyR1YAs"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBBBMoGIcch6AvW%2Fy4auuxpYSQjTPpsHkhck1ngojY3YHehHF%2FFcRqCPEzGfoRn8855CfFtKBTTtAI1Pya2jKwq5k6%2Fi7Xcsm1Qq1erNFSgMvoXEXqcPTXPxE4xKoQ5Jme6Rt5LnYQf16BO8%2F9FAqEpZ"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: public, max-age=172800
cf-ray: 7d3f7c321bc4927a-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 201 KB
45 KB 141ms
44ms Script
text/javascript 99.84.88.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-82.muc50.r.cloudfront.net

Software

Resource Hash

47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:36:52 GMT
content-encoding: gzip
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 197
etag: W/"32234-AoJ3k+MJOOKcahR2z6uk+gkFH+s"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: rrkSbdEbPObYoUepthUdpauXDhpnJhYQ8qltuJ63iC2PuZwOggvHhg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:33:07 GMT
x-content-type-options: nosniff
age: 25622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 00:33:07 GMT

GET
H2 200 imagesloaded.pkgd.js Show response
www.picuki.com/app/assets/js/ 16 KB
4 KB 59ms
57ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/imagesloaded.pkgd.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5dd69785-40a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l2GiEABrvPVGjrtxC%2BqVKpt5kbv650YZNTtmSCdcHUSZ0M1hTIJHr8PkD3JhEWXgxRnR8CbYCRQgwtN5UYHO2GA7BkNoXI6JQJHliTVfXzFn%2FjC4EC20Q7ApLc7FpPO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f642c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isotope.pkgd.min.js Show response
www.picuki.com/app/assets/js/ 35 KB
10 KB 50ms
48ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/isotope.pkgd.min.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407554
etag: W/"5dd69785-8a80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT0Yg97TUgskWFV2aNgzKPC%2BYq%2BeSm7NuGvGYed7Y8aSEW%2F0jooA4q7azZOJYwZ8Ypn%2Flqml8RgFaZpo3PTaizXASmP%2BZwMI0WsK7aN4TLfny2wdu11qg4jT2%2FaCpRzm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f652c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 infinite-scroll.pkgd.js Show response
www.picuki.com/app/assets/js/ 56 KB
13 KB 53ms
51ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/infinite-scroll.pkgd.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 11:27:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5eac079d-dee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pddS0My1PtFuO04aGobdsGj%2BSsGSZzk4fJbEkCqi9KSLy%2F4vFhI1yKYWKgEUTiVNU7G0tBoUQccXm%2Bly8fXXNZ8C5s01xlqnAs8lhKR70hHqhi5z2bSgErKlvICThM1x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f672c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
www.picuki.com/app/assets/js/ 5 KB
2 KB 85ms
84ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/imagesloaded.pkgd.min.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 11:27:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5eac0792-15da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFUhgUOeeYGCNEWUDeplNiJcMv%2BD9oMb5TQIAzU8a5zLObTbzV2Q5RZ3DEUieWMFS3aTcHyFqss%2Fv1Y4gvLUqCEGk0imH7KTbWuMJ3MSj8rRQAASZF6I4vhpVrnuIXND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e8fa92c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adblock.js Show response
www.picuki.com/app/assets/libs/ 7 KB
2 KB 90ms
89ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/libs/adblock.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5dd69788-1b0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgf2pIE17uqnUwey1IRJVvfrKFZrcUfAUdNhwX1YEUO%2FRBZ2P2oHOpgVG3Up%2FRqUcvy3GQ2Rlkp%2BTpBN%2BWvCpV2LevWeE9H%2By4VWMYf5e35WBOdkKrkQCuzUQKEIPI0L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e8faa2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
www.picuki.com/app/assets/js/ 105 KB
16 KB 508ms
507ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/main.js?v=1686210009
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08335652ca9474daca89a71e6cf534c7608a77a16af86bf56d1e63e764085b88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 09:13:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6479b2c3-1a246"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuAgdHtKBIXuWR36zSqzVYyXLNQo4El03mY3NSrDS814NxV1Vv8wh8q%2ButcihA47ElHAtp2WH9eg4%2B2sFerF6WYNukXXd3Bi%2Fs6ewOdGLn0pdmfwjYBBck8ZOBWwcu3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e8fab2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nude.min.js Show response
www.picuki.com/app/assets/libs/nude/ 927 B
845 B 90ms
88ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/libs/nude/nude.min.js?v=5
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe50d0db7b31a6fd68843827f50f1e6e4f960e5506ffbcf11867362d2e5b183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Mar 2020 11:49:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11431651
etag: W/"5e6238d0-39f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6jYh2X3x%2BiKvqDr4wH8nQhlIDwl6Qv7X44yw3YSH2nP1Pn4EttZnfv%2FwxRCwduA4vBtCbByOx3OLNaMPNqq8FoHN8SjsBFjsHQB4ugpm3JM%2FQIP%2B1h2bRj%2BMq4VxJnJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e8fad2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.picuki.com/app/assets/libs/ 42 KB
11 KB 87ms
85ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/libs/owl.carousel.min.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13145862
etag: W/"5dd69789-a70e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4By0P7wxtnUtrKdZu4XLz6y%2BpvmanTBbCJqnJDHVzYSYHkJBjd9ySiFnCBlabVUJ3xX68siuRtxtMT2vn3Gnd3TMhecCAhCDGYv1yXYRfG1tImDpzJlGGQDC6RiIlend"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c2e8fae2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.css
www.picuki.com/app/assets/css/ 3 KB
1 KB 59ms
58ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/css/owl.carousel.min.css
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5dd69771-b78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgrDXcxoG95XhGXVQb7I6V4QlvtxuOI2NLItTFbOUq5c5IKhRCIZ4JfjtzIx03wloO2%2FTGnC%2FczeyN0bbdBYjrAFFkWE6cy1dROy7L4WqQw9mWK0ZHUZQPvLm%2Ff3Y10k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f622c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.theme.default.css
www.picuki.com/app/assets/css/ 5 KB
2 KB 383ms
382ms Stylesheet
text/css 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/css/owl.theme.default.css?v=1686210009
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee395b358a3541aab810e49c3848842b46f62de07981079da3b98ef3e21d84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Dec 2019 09:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5df74c4b-15f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pMf4B1RwB7NNR8yVDpERWEV6pWJz95%2BzXzHFuHykr6FuuCQyazh8aVJiq%2FUBeLq7BbUElvSk7fqBcEvbeKkONtuf9qjmxRUOWKCIT4cZAAqk1fiF4QkiHPemkCg0L6U"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7d3f7c2e4f632c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 155ms
60ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 08 Jun 2023 07:40:09 GMT

GET
H2 200 yep6IPkO1EBGZyPbcMURz+RTiaN0RQVF.jpeg
cdn1.picuki.com/hosted-by-instagram/q/ 9 KB
9 KB 153ms
135ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMURz+RTiaN0RQVF.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941c63db5ac79fd4fb0c12b1df304c1ef103763b3a246a22a6c985c2a51a2df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Jun 2023 07:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0iOd8%2FEu0pTEoIA8bEL%2BYIYjzUAw6rNjF7JQ6ly4dxIOOEjxTWh91IIYKdeAow7r9WaekJxcXqPqAO%2B9zW3lofUqFz7tox6mG29tojAhKIm8eNxQi7yfsG1A5xhkaa6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
content-disposition: inline; filename="5665765289.jpg";
accept-ranges: bytes
cf-ray: 7d3f7c31aad92c46-FRA
content-length: 8825

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk7I4iV1VQDj19NEzXTLaOSzpc7aqQXe%7C%7CN1j1n9Z9onLowKXcXYHKq9cUkUQmYdSgIGaYDG7uo%7C%7CekT+OXucj8Dpi2bMrQT9zJBpY6uSKVKz8J13bH...
cdn1.picuki.com/hosted-by-instagram/q/ 71 KB
71 KB 305ms
288ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk7I4iV1VQDj19NEzXTLaOSzpc7aqQXe%7C%7CN1j1n9Z9onLowKXcXYHKq9cUkUQmYdSgIGaYDG7uo%7C%7CekT+OXucj8Dpi2bMrQT9zJBpY6uSKVKz8J13bHR1Bv9vdBhGy5CoiVxfA8XrN7loi5XT%7C%7Cf%7C%7CPNpxq7U6QKUN34pUpezqlSy2AnkrfHx%7C%7CGn6ctYaHoOAAuiDpYGhpqzPheKc4EEMWggi5uCEnsJ4029eQYKxVgPxo6fKOCmMDUjFKiCU%7C%7Ck8SqtQLsSUHv3EBQnjeel%7C%7CW+eqN29qrRI9epeszOnSiYaJn4ELkbUnE2FcbBAU3jF++mDuxex6gaC8Js41Ox3SDvXpPjmhx0WWMe22CoWsYlBcKTx5C3+3ONhGreoVJs.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4125d5df4cb6c3ed55f1992484aa69bf99b74d947ade67de8fc7fc05139e1254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=117669818
content-disposition: inline; filename="348596805_789852675837890_5811898544285452685_n.jpg";
content-length: 72381
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C08aiNLDjDqBLB0oyFUo4j7p76ZXCCJYGy2trnuxHlEDOEmNJWrFbKrYnZIEMGA%2BiLYpdj%2BplCg%2FuX7h7IuMVJWJYzfSy%2BSs89Xtgi7R8bqxvVIUoD%2BX4H%2B8Mkq48ImHFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c31aad72c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk7I4iU1RQDT14OUzZSb2MTjZc76+bXOzN0TRv8pRkkLswKXQeZn6m98YqVQmYdSgIGaYDG7uo%7C%7CesJ%7C%7CPrncjcFrjOMNbRKmDdttdCwFahlza4lsfe...
cdn1.picuki.com/hosted-by-instagram/q/ 45 KB
46 KB 280ms
263ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk7I4iU1RQDT14OUzZSb2MTjZc76+bXOzN0TRv8pRkkLswKXQeZn6m98YqVQmYdSgIGaYDG7uo%7C%7CesJ%7C%7CPrncjcFrjOMNbRKmDdttdCwFahlza4lsfe4kx2xu5xncG114WNxahlw5OLUqQUCSKnjMcF6saR5UvoKmMZQpr6gmCG2GGM5b295BTGS9IjOkqg8iyDXdzQspjD2Fu8EIU8hjl246jUHoIALkraKEIFI+MZ1gfOAVVZBWmhm+jVBocW+xzTvSUGI%7C%7CgVRwGKOlf7kNPEu+8WgGtKbcdPK9gLrRpraTJ5HXitaFuvMXgb%7C%7Cc6KuFed4gL9oPq5A1Euj4Q7tJpfy+yI3CzAX1WDTXsEmG6jb+6GnzWTZhmCI91c6xZs=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f88ee37a411945bda0eab92ae5c6de1030a95568a3e4015cfa8ab4a57cdfdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=399452973
content-disposition: inline; filename="348592906_259609429812383_2196354444113890561_n.jpg";
content-length: 46538
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4F5zuf6VVj740y68FJYwJRsLO3Yr%2FmLN1TYi06rbLT8wQW76Ll8pnkyAtH51CHQHPXOEJWrn3Bj5bSSWcxtfzXMePD6P7%2B4moUNeiFIDjIlKAq6C8S7QdcZQxbUMEJ5kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c31aad52c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk44wsU1lWAz1zPkzeTLCATTtd6a2eVujN0jdl9JNlkrg2LnAabXKq8MElOzjYMTIfQeoEH%7C%7Cb2rvUV8PvwazQFuDSQNOUtzCVG%7C%7CMm0X51wm8Qf8fT...
cdn1.picuki.com/hosted-by-instagram/q/ 35 KB
35 KB 284ms
267ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk44wsU1lWAz1zPkzeTLCATTtd6a2eVujN0jdl9JNlkrg2LnAabXKq8MElOzjYMTIfQeoEH%7C%7Cb2rvUV8PvwazQFuDSQNOUtzCVG%7C%7CMm0X51wm8Qf8fTT0FOzv9R3GzNJzWM1eVorrdPOrzQeEfLiM5s59O90QrkFhNQR6uj8mij2EmInPVFwFA+cu5+czr9Swxzmdwo382L6SrE8DG8v1gyzvz8QirMnvrb1G8to3fNlkI%7C%7CmHWVXSE5KhjVP1pe+lX6aJTXv0EsPkzDs47WVWv83spSmP+KwRcO+4nTyYLiTGetnX30nFeTnWX7%7C%7CK82eI9IJmrNZDOhq5hi69VvrIOimjDBSXHN1jTe0H5t0HvvKlK7xpQ==.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7dac83c7972ac2575a56427710edcd1406a0e2a3f219f99c16ac08b9f8d1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=3222914296
content-disposition: inline; filename="347772468_929154814970627_123044672355845729_n.jpg";
content-length: 35667
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH6mh%2Fpjyi%2FA6Xx%2F5cbDfWhVdW0tHB69Z6TZj8BIbhv%2FfRPHeATD2CZ%2F4rAHZcy%2F8lFUCX2Wbo%2F6FkyplTun079QUoFnDdC92GB%2BynK%2FpIkzw0jcSy3Xl%2FFxT4zLenRvxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c31aad22c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk44kjWVtTDD19OkHfS7CBRDdT7KmRUuvN2zJk%7C%7CZ9lnboyLXAZZX+v9cEpUQmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe...
cdn1.picuki.com/hosted-by-instagram/q/ 136 KB
137 KB 290ms
290ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk44kjWVtTDD19OkHfS7CBRDdT7KmRUuvN2zJk%7C%7CZ9lnboyLXAZZX+v9cEpUQmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe4kx2xu5xncG114WNxahlw5OLUqQUCSKnjMcF6saR5UvoKmMZQpr6gmCG2GGM5b295BTGS9IjOkqg8iyDXdzQspjD3H+8EIU8hjl246iEWhdoZoteFYqRu+MZ1krOPXWpBWmhm+jVBocW+xzTvSUGI%7C%7CgVRwGKOlf7kNPEu+8WgGtKbdPnd1Sn5fYP8M5NlCXUHKPDvUG3zBe+YKuNmt5lkPvJM4Q6a+F+IbIje1zI3CzAX1WDTWcFRYqnb+6GnzWTZhmCI91c6xZs=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 283f4f0f1e57dd6bdab5321af3abf0bfc486de6ec2e3d565971313fd5af986c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=897360293
content-disposition: inline; filename="347288637_764024988724964_8729849560560902255_n.jpg";
content-length: 139578
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4Keb1GBg8fM8TKvYyiqOqaKbneSP3BxsZ2A2i6iuuDalOzPvGchOgtXnT1ym4q5ohvPAX4JoQTNhXOa%2Fey0NNRwSdE7d%2BCUnMF%2Beu1oXmbpRhV7TJHRwPLV0gh0DVBqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c31caef2c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk4YMtUlpZDT17PETeS7OIRTZS6KqaUumqvD1g8pVnl7gyJHQXYnCo9cokVGepNWwSDv5PHL%7C%7Clo7gX5v%7C%7CvZSgEpjuSKrVCkGZTjse3TO9%7C%7C2p...
cdn1.picuki.com/hosted-by-instagram/q/ 64 KB
64 KB 269ms
268ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk4YMtUlpZDT17PETeS7OIRTZS6KqaUumqvD1g8pVnl7gyJHQXYnCo9cokVGepNWwSDv5PHL%7C%7Clo7gX5v%7C%7CvZSgEpjuSKrVCkGZTjse3TO9%7C%7C2pYf5%7C%7CHSv1izv9QpcmkazXgpdAd4+pvlpDk1VOCtIc17q7VySKNBjNUEvqK%7C%7C1Sa8H2QkaHp%7C%7CECKet8XCkONFui3rSzY57zz2F%7C%7CF9EEIdvlqztEtmpogl2IOOGNpu8N8A6ZqCQ34CGWlvqklPv6XslHPaSkGI%7C%7CmIUwGPRn+T8J7gprsigdcy8U%7C%7Cn55yrVQ7buMJdWUFEENebHVm%7C%7CXC9+BMZBBh4UcJq5J1AyE9ReSIKDyiQt2QjpP3mLfVMAjE9jEgpCq8UjDiznTplBrkZns.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600aeed14460b511cf9bcf9be6aad5badd5df2929d6a9239f8080371974d3afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=1639806306
content-disposition: inline; filename="345863796_1011270996672668_8662637691876729801_n.jpg";
content-length: 65534
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcJUZ8AsZfqPy%2FY2x0mn6RG3bREbTpEZIUid2EcX6Qm80q4Vzq3xas8sSVhSmsj5H6pQgCqCn13Uux3oTX0IAOoAGoMX0dftqIRhfIlba7RRQTLCWVSZdfT3oQ6H3uEzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c31caf02c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk4IgvUFtZCD19OUPfTbaPSzlV6a+bXO%7C%7CN1jBg8pBklrs8KXcYZneq9MsvVwmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe...
cdn1.picuki.com/hosted-by-instagram/q/ 120 KB
121 KB 300ms
300ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk4IgvUFtZCD19OUPfTbaPSzlV6a+bXO%7C%7CN1jBg8pBklrs8KXcYZneq9MsvVwmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe4kx2xu5xncG114WNxahlw5OLUqQUCSKnjMcF6saR5UvoKmMZQpr6gmCG2GGM5b295BTGS9IjOkqg8iyDXdzQspjD3H+8EIU8hjl246iIEpb0AmNauMLdU+MZ1uqTWRWhBWmhm+jVBocW+xzTvSUGI%7C%7CgVRwGKOlf7kNPEu+8WgGtKbd9LB2iLWX4bLMOtdbUU7KNrBSQ%7C%7CtGP6DCudcuaAbM+FI02uWpSqCduKt5TI3CzAX1WDTWcRVFK3b+6GnzWTZhmCI91c6xZs=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e7dc2f4147576fc4ab42c7adcc24f49130ef3af15728075dc1eb6f5f3fe57f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=1658483562
content-disposition: inline; filename="344341693_756042776172380_5566752484273153833_n.jpg";
content-length: 122962
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FPbwv2CsQsZOMMa2E1GhUiYYZ06%2BFKU3grpu%2BQivlhCL6zI%2BiVywIX7GPDW2DVnmK%2B04fk2BEs2N3Qmk74vQgQaxKpiM9YDZR5D%2BuIuxolSw4ZnhXOuna4tXYldMmRM%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c327bcf2c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5oIqV1RQAj1zOU3bSbeLTj1U5qWdU+nN1jVn9Z9glrs8LnMWZnGt98orVgmYdSgIGaYDG7uo%7C%7CesJ+fPpcjINpi2WPLQT9zJBpY6uSKVKz8B1pJ2Jg3Tt...
cdn1.picuki.com/hosted-by-instagram/q/ 26 KB
26 KB 257ms
256ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5oIqV1RQAj1zOU3bSbeLTj1U5qWdU+nN1jVn9Z9glrs8LnMWZnGt98orVgmYdSgIGaYDG7uo%7C%7CesJ+fPpcjINpi2WPLQT9zJBpY6uSKVKz8B1pJ2Jg3Tt%7C%7C9kiJzJE5m4vMAQusNyJ52tEX%7C%7CD+O8BnsaBwVLYBxMQK5qnRlSaHEmw+Jj8uQ3agtIj+kOYA2BLyYA0X%7C%7CGifUa0SDnRTt0edrkR3t4gj1aSNBdxuiekakIH2bSAEXG428Fk71pu1ynOdV0Gv%7C%7CUVIx0zw06OrU+osjJrVdsqyBsrW7iuYPaDNMIpWdHIeN%7C%7CbQWEmRJPiaUN8fmY4SSqwWhnvholH7S7734wB4AGhM1GSKWcU=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6183f3532ebf27b9ad22503d9365fb4789d9522563316eab7e20723062ac4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2948706221
content-disposition: inline; filename="342916909_958403322088576_5011812483693720972_n.jpg";
content-length: 26249
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSu0BUFbXhk5bX9YCCHNWs%2FdWVzJSPWE9ikX4Q3SdXI5YZ76XPXh7gZyIYPt7hCkOqkfE12A9HKGlUUnPjf72JAjpkHSNA2vMvBKhaPHliJvrarihsqQgW%2F%2BrvOE5tKqoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329be72c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk548oUl9QCT1zOUDZTLSLTDdd666ZUufN0Txl85ZikrwyKnEfZHSs8cEqUgmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe4kx2x...
cdn1.picuki.com/hosted-by-instagram/q/ 94 KB
94 KB 305ms
304ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk548oUl9QCT1zOUDZTLSLTDdd666ZUufN0Txl85ZikrwyKnEfZHSs8cEqUgmYdSgIGaYDG7uo%7C%7CesJ+fPucjcBojOMNbBGmDdttdCwFahlza4lsfe4kx2xu5xncG114WNxahlw5OLUqQUCSKnjMcF6saR5UvoKmMZWpr6gmCG2GGM5b295BTGS9IjOkqg8iyDXdzQspjD3E+8EIU8hjl246jUQlNw8m6+kEZlc+MZ1grrZZWpBWmhm+jVBocW+xzTvSUGI%7C%7CgVRwGKOlf7kNPEu+8WgGtKbdsnQwBjOVuPKWZ1pdE0JKdKCBWrPI%7C%7CGfCd5VsplqKcxpgmutpCHoJujDzQQ3CzAX1WDTWcQnE9%7C%7Cb+6GnzWTZhmCI91c6xZs=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cd2895a20078424998934cb2aa6268c4090e1faaac7016c41239385db5500d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2543291098
content-disposition: inline; filename="343433202_955650308953168_2937136367401236266_n.jpg";
content-length: 96182
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taneh6UyP46GyhJ%2Bn9kLKfOaBDWWLK%2Bw7uuSivchI3EgTGPWI92kfERTj3XUA5H3%2FOeq3PQCt8YpgVgp6toqhuARIeBwYhFnMJOAZK4SBcQNfhLORUISvPkdv9ZaJjXE%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329be82c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5owpVV9XDz1%7C%7COUDWSLKPRDZd562eVO7N0DFv9JJikbs2KncebXKt%7C%7CsYqXQmYdSgIGaYDG7uo+qhT5aGuO1lQpTb9d7JGmC4E5ZObS6olhMF4pJ2...
cdn1.picuki.com/hosted-by-instagram/q/ 104 KB
104 KB 321ms
321ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5owpVV9XDz1%7C%7COUDWSLKPRDZd562eVO7N0DFv9JJikbs2KncebXKt%7C%7CsYqXQmYdSgIGaYDG7uo+qhT5aGuO1lQpTb9d7JGmC4E5ZObS6olhMF4pJ2Jg3Tt%7C%7C9kiJzJE5m4vMAQusNyJ52tEX%7C%7CD+O8BnsaBwVLYBxMQK5qnRlSaHEmw+Jj8uQnagtIj+kOYA2CrBLANoy2KWY74KDnRGtWyXjRR3t4gj1aSNBdxuiekakIH2bSAEXG428Fk71pu1ynOdV0Gv%7C%7CRFg0Hbal+ToQqk8t4PVEuTFBs3I+Q3XfunqRLVZCSwEJsmPZAzkC%7C%7CiiDM8fmY4SSqwWgg%7C%7Ch1lD7S7734wB4AGhM1GSKWcU=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36efd703746975255c0c39798c9a1f6af8fe05bb251f10f272a0a5899895f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=710457389
content-disposition: inline; filename="342724274_555916789990601_3490535427218429569_n.jpg";
content-length: 106507
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCKYlVgUrTESTnoN2WqVrzhTVXft3UmxlSfWcO0o%2BhvFcpV2mDpB9wSrxIxYHVzgQFTK7vTzXof9Mp5OU3Vq4NigaIg1tmmjZgIc8oMvQbdUIXjIkRYD5yd%2Flz1ZYN4y5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329bed2c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5ogsUFlQAz19OkLfQLSLSTtc7KSbXO3N0DJj%7C%7CZBhnbwxKHcWbHev8solOzjYMTIfQeoEH%7C%7Cb2rvUW8PvwbTIBpi2TMLBCyQlWotfpUrJy9ZRzt52...
cdn1.picuki.com/hosted-by-instagram/q/ 110 KB
110 KB 265ms
265ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5ogsUFlQAz19OkLfQLSLSTtc7KSbXO3N0DJj%7C%7CZBhnbwxKHcWbHev8solOzjYMTIfQeoEH%7C%7Cb2rvUW8PvwbTIBpi2TMLBCyQlWotfpUrJy9ZRzt52U1h+189JldAJZ+jtvdBFundPZlTIeAefzPcBgoK9jC7Eei5RIuqHtnyuxH34+emlsFj3RuYTM2dENhhzrdSFlqjD3AZY1LHMRiVbmuiUOtZ0G2NevO7hM4bNu%7C%7CKXRRSACW2E2hjtfwZftgAHsSUGImUBRwT2Ej+b3ffZ79sXPBPW5XNfOmXTDZ5fvWaldeFUHJazCHkrwKNygAexejp5ZP%7C%7CVLjgaPpAGlY6n7%7C%7CVV+AWgc12zeL7YjZ7uiyqyb4X7U3zvZ8AZuxw==.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4f3e6ecda07bad63ba069fab25e9668723129857ac17b722fd9ed4d430f2f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2056958859
content-disposition: inline; filename="342371408_767090354829382_375970935529910599_n.jpg";
content-length: 112442
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ycg05tu%2FBogKfngouXfz%2FugMEmeILfMz%2FZ4SZgVQ5PuezGehHqbB2PifqIUbx4lhA%2B8XYxKeaUWqM38ElH3N3sV8rlYDicJfXLFeYtws1OsZx8ZY8xze5fnAqAHSX7KN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329bea2c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5YgoVl9RAz17OkXdTLSBTD9U76+cVe%7C%7CN1jRi%7C%7CJZkkrk9LHUcYHet8MQoUAmYdSgIGaYDG7uo+qhT5aGuO1lQpTb9d7JGmC4E5ZObS6olhMF4pJ2...
cdn1.picuki.com/hosted-by-instagram/q/ 83 KB
84 KB 299ms
299ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPRyWgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxk5YgoVl9RAz17OkXdTLSBTD9U76+cVe%7C%7CN1jRi%7C%7CJZkkrk9LHUcYHet8MQoUAmYdSgIGaYDG7uo+qhT5aGuO1lQpTb9d7JGmC4E5ZObS6olhMF4pJ2Jg3Tt%7C%7C9kiJzJE5m4vMAQusNyJ52tEX%7C%7CD+O8BnsaBwVLYBxMQK5qnRlSaHEmw+Jj8vR3agtIj+kOYA2A3yYCAZ%7C%7CEy9fZ5rDnRG0Q2wkxl3t4gj1aSNBdxuiekakIH2bSAEXG428Fk71pu1ynOdV0Gv%7C%7CHlE01bc7+KIff8C9djnBPTKUu%7C%7C+6WzWO%7C%7Cz1IoxebFg7Ns2OWV30Dt+SPfkfmY4SSqwWggjkoiX7S7734wB4AGhM1GSKWcU=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3722a2dca1b5a2689ef3e58cd8cba9a884533d83772a3695780215e761241bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=1690706225
content-disposition: inline; filename="341337218_160250900012410_5148156691035127744_n.jpg";
content-length: 85367
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s43oREZjUQz1aVYazn%2BfIrt%2F5ktKGS7hhQe0TJrEAaS9HnkGoUDbb8bi06LqftPzPpgjzPbloh3VgpcmVImBkEhXe4bqPM4db5UaHAnMGMpf%2F9hd%2FMUMgsGPswItTwbegw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329bec2c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxi7YMqU19VCz17OULWTbOJSjld7K+eXOqqvDJn95dnlrY3L3IaYner%7C%7CsspU2WpNWwSDv5PHL%7C%7Clo7gX5vrpZSgEojeSKrVGnGZTjse3TO9%7C%7C2p...
cdn1.picuki.com/hosted-by-instagram/q/ 92 KB
92 KB 313ms
312ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8AzPR0WgxSZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxi7YMqU19VCz17OULWTbOJSjld7K+eXOqqvDJn95dnlrY3L3IaYner%7C%7CsspU2WpNWwSDv5PHL%7C%7Clo7gX5vrpZSgEojeSKrVGnGZTjse3TO9%7C%7C2pYf5%7C%7CHSv1izv9QpcmkazXgpdAd4+pvlpDk1VOCtIc17q7VySKNBjNUEvqK%7C%7C1Sa8H2QkaHp%7C%7CECKet8XCkONFui3rSzY57zz2F%7C%7Ct9EEIdvlqztEs8hp05oZyzYK9e1t8A6fPgGjQUGWlvqklPv6XslHPaSkGI%7C%7CmIUwGPRn+T8J7gprsigdcy8U%7C%7C%7C%7C5w3LSd7rxQI1YCGIATdrYfXzUN9uBIMJYk91CLethgnnt2hG1LL387Ud2QjpP3mLfVMQiEam8gpCq8UjDiznTplBrkZns.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 141f535a9b0a37099a9b96e55922d90ee995382988944b82c33db7fd9bee291a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=3589228220
content-disposition: inline; filename="329812250_1579471669226858_7130629327571498573_n.jpg";
content-length: 93861
last-modified: Thu, 08 Jun 2023 07:40:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiiDsQIjOJMQpgESNxUEfd%2BaN%2B5DfttUs0KIuIjTEgSW%2BXwYSQH368tFpqBAqiJLaLnkuHEoLK%2FijQc5S%2Bj0ikkiokUD7L%2FUAsp2aTaL44CS84Mg2fcKmvOUqzdqx3x%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c329be62c46-FRA

GET
H2 200 adblock.js Show response
www.picuki.com/app/assets/js/ 110 B
503 B 51ms
51ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/adblock.js?v=2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Dec 2019 13:42:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5df243d5-6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N40P3WbUqmxkeLzAAeq3Q%2F6ccqPJAUt2d5vIe9CnvEy%2F6Vbj0QsG4XZBJgXZxHddux7OLWU7XxR9hwBDu1Y1wWRNjiCXeUCFSKIKRq6jwOubAcvBwHRkdo8nlMcmifgE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c315a842c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adx.js Show response
www.picuki.com/app/assets/js/ 110 B
371 B 82ms
73ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/adx.js?v=2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Dec 2019 13:42:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5df243d5-6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVBxb46gMaZqxagV%2FeJkniZD7RZQ3ZT3zjhcDJfxXYCrNcwsErKmEn%2BOmPqGsijc6%2FA%2B%2FLMcCiwDHfzx6PDfjr9kY3xRLIKP5Twlu771pg8yv4sDkmm5C%2FjXbAC1xeE7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c318aad2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.picuki.com/app/assets/js/web-push/ 298 KB
97 KB 55ms
46ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/web-push/firebase.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 09:04:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13407553
etag: W/"5fc7588d-4a75b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b4FTaHhCaihyznqcK8aS88IpOpZFxxUJ21MxTUV0%2B46vwESg8LU4i%2BJ1es23uv5WQMm%2FxHyFvnCSFHokk7TXufB7GPviH6uhCjODWn%2FVX%2F3Z8txLVLyFdsCOYjeeiFH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c318aae2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
www.picuki.com/app/assets/js/web-push/ 4 KB
2 KB 77ms
73ms Script
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/js/web-push/app.js
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f225637a1bf45e162a500b29cfe8971759957b7881bff5b16c074f6f291f570d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/profile/rudy_israel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 12:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13166631
etag: W/"603f8408-1155"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H45tPMIVR0T349%2FbXB0COYYX0NvxzbWarCZBQP%2FxrhUq9Ov%2BCSGjtMkdjAFZJAVpX0fsCvUtaPRSgXwrj1mAFoI51GKJRioHaAk2Kmq2HdYLso1a1H%2F5YXpCRk8c6R7d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d3f7c318aaf2c46-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Roboto-Bold.woff2
www.picuki.com/app/assets/fonts/Roboto/ 63 KB
64 KB 69ms
68ms Font
application/octet-stream 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/app/assets/css/style.css?v=1686210009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed

Request headers

Referer: https://www.picuki.com/app/assets/css/style.css?v=1686210009
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:57:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1163
etag: "fd24-597dbabe38540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uHRLKNY5hqSbEs6qI01HiaVYIVsSMqIBlIHGXnFWRxwqn3wEw6l18jvCiKFVdiNjfwFxDA2cmZSrMhqA47cNTegx%2BOgSXj6JkFuQHMxjA5HsDS4SYGRWu8w%2Ffc%2B45m0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d3f7c319aba2c46-FRA
content-length: 64804

GET
H2 200 Roboto-Regular.woff2
www.picuki.com/app/assets/fonts/Roboto/ 63 KB
64 KB 69ms
68ms Font
application/octet-stream 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/app/assets/css/style.css?v=1686210009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Request headers

Referer: https://www.picuki.com/app/assets/css/style.css?v=1686210009
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1163
etag: "fcf0-597dbac3f12c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq530ku9eXOPWbXHAqdCrOTqk1s8rLiylyJflTXgLGetF5tk1pQNf4Nyqqy24cnFm4pSafX1bXDZE674nnMkpwjy0ml%2FeDk0lE85O8b7nCJWeM%2B%2FmjkcrVcVepBnHMu0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d3f7c319abb2c46-FRA
content-length: 64752

GET
H2 200 Flaticon.woff2
www.picuki.com/app/assets/fonts/flat-comments/ 680 B
996 B 66ms
65ms Font
application/octet-stream 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/flat-comments/Flaticon.woff2
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25

Request headers

Referer: https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1163
etag: "2a8-597dbaafea380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mggO%2BtBLkyTwLFicU%2FXzoNwb8M%2BKqfG0H6uF4FA06QfoM%2F3Gu9n120jdi5J%2FzXJMe5h3ueJaNYXA81sK8I%2BW3HfQKB%2BKeSe6MJmr%2F%2BY1BveBZr6DvZlEuzcg4qO6puKf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d3f7c319ac22c46-FRA
content-length: 680

GET
H2 200 fontello.woff2
www.picuki.com/app/assets/fonts/fontello/font/ 5 KB
6 KB 63ms
63ms Font
application/octet-stream 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/fontello/font/fontello.woff2?78599879
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/app/assets/fonts/fontello/css/fontello.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea43af75a38f729cdf36f0ea31e0903f00d24bc2f84f7274d13a2094f4fef5c1

Request headers

Referer: https://www.picuki.com/app/assets/fonts/fontello/css/fontello.css?v=2
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:57:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3667
etag: "1580-597dbad3336c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Fplo%2BPiWmDPEazC7eiO%2B5pYTPztrbjQK1vF3Ev8bxsWm%2Fz3DNIlSerfXZulybrcx08ALFOoNseUwuyjHyzBE0HH1%2F3VWpSnlzJ6LXZ8k80g0GQ4JEA3ep3axN8kRE%2BG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d3f7c31bade2c46-FRA
content-length: 5504

GET
H2 200 Flaticon.woff
www.picuki.com/app/assets/fonts/flaticon/ 24 KB
24 KB 56ms
55ms Font
application/font-woff 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/assets/fonts/flaticon/Flaticon.woff
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10

Request headers

Referer: https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 13:56:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1199
etag: W/"5fbc-597dbab4aeec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FOdGIEIO17lP4lLNTwzrD8uItqLlYUE0TBlNudsw9zg91cUiyDslv4EtcDzBdw%2Frb1Qcqx9eAMyRFEPjvax0KkEfC%2BeoAiaH1xDgwbf1gAtgqpZ86BaBXyXx8jzPpIj"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 7d3f7c325b942c46-FRA

GET
H2

200

invisible.js Show response
www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 3C0D
Redirect Chain

https://www.picuki.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

28 KB
14 KB

45ms
45ms

Script
application/javascript

172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Server

172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d093a8b29c0692ee394e2460f3cbec9609939483301e6c1b78a2c9e0336cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkxNig2wkEy7ThmkXCAy7oBv5mPy56%2BqL45IlZhwyO9I4XpEq1%2FjuC1KUe107Ctcc883ICDBMeV4aB9%2FBktH%2FZvTK2LT0h3MyFrH2M0zlbe9a3k36nGa3W5%2BfIFp6Av0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d3f7c32dc402c46-FRA

Redirect headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4%2Ftn2F4kg1FQ7wImJJ7ciPhtfb0AqLYWzyK38YXc5iazdVkoRUAybXnY%2B6OMuyk1c7%2BpTjtt%2BmQ3zkW9jZkvyaa9YTAUwjeu6DLN6Ko3zEGQ8d03SdKdFudxiihHqIX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
cache-control: max-age=300, public
cf-ray: 7d3f7c327bd02c46-FRA

POST
H2 200 ajax.php Show response
www.picuki.com/app/controllers/ 10 KB
4 KB 577ms
563ms XHR
text/html 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/controllers/ajax.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20146d1e7c5fa2da9f32974691d13a0ae71741e0cabaad0b3b566c3a8f54b0a8

Request headers

Accept: */*
Referer: https://www.picuki.com/profile/rudy_israel
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNr4xYKDxDgh%2BjmY5hEAuBoLMeWdsWJ%2FhMcf81t%2BoHqnExPn5txPlWTyvxIN98fe79BcVj1ntszO3T5tpDhy%2BefDZHglqV30RG%2B%2FohrK5MzQt95tMP0H9hVpPA9R1JBA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7d3f7c32cc242c46-FRA

GET
H2 200 detail Show response
ip2geo.pubfuture-ad.com/ 40 B
918 B 491ms
398ms Fetch
application/json 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip2geo.pubfuture-ad.com/detail

Requested by

Host: cdn.pubfuture-ad.com
URL: https://cdn.pubfuture-ad.com/v2/unit/pt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3122df7910843fb514ae21081c9d2385a7b7eeb1013b03e817cc4aeea6f51765

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-length: 40
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"28-3i9h4tKeE+k7WJ5NXtC1gT/sT0Y"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkGxAiCpeJQsP2%2BfWvJBnpKw0KBdkX%2BI8VJwDo1mj8LMIqjejKBLOBxYFQMwR8P9R9iTyXi7%2FHW5YEVLFOVFggXXjlqIj4EDAe8sTcdauCa2w9iQiQtBVUMTNBDRU%2FCSbvw3d67arhgHZEMBvT3N3Uwktfju"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ray: 7d3f7c334cc96903-FRA

GET
H2 200 detail Show response
ip2geo.pubfuture-ad.com/ 40 B
338 B 509ms
416ms Fetch
application/json 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip2geo.pubfuture-ad.com/detail

Requested by

Host: cdn.pubfuture-ad.com
URL: https://cdn.pubfuture-ad.com/v2/unit/pt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3122df7910843fb514ae21081c9d2385a7b7eeb1013b03e817cc4aeea6f51765

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-length: 40
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"28-3i9h4tKeE+k7WJ5NXtC1gT/sT0Y"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwd2x3%2F7Let14iemE%2FORWT72%2B57G6E%2BazMPEe8jehNSEtubaSHnxZtVepRpegGOzBzj4JFC1EUuVrNm%2F5ey4tnORf5Gz3CrRwGlDc7yoxk%2FQyB%2Fr7j2jyKyPF11BIkV5u83eWVRH923QuzqRYUcmxYsAwhok"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ray: 7d3f7c334ccc6903-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 410 KB
164 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 19:28:11 GMT

GET
H2 200 6471d22f413e9c001905a2d8.js Show response
buttons-config.sharethis.com/js/ 1 KB
934 B 150ms
40ms Script
text/javascript 2600:9000:206f:a000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6471d22f413e9c001905a2d8.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e547039b0ccff6e54f10b2f47d587febe1425133aade331f0b397a8d5e2f0bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:39:50 GMT
content-encoding: gzip
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 27 May 2023 10:13:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 21
x-amz-server-side-encryption: AES256
etag: W/"eb9cfc866c347298fcba2112b30e12ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: Oy7R1ODFna23EHEXjraE7JAofa5L5a5_DJ8gult-kNxeb2pdJRPF6A==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
401 B 174ms
40ms XHR
text/plain 52.57.54.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.picuki.com&location=%2Fprofile%2Frudy_israel&product=inline-share-buttons&url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%40rudy_israel%20Instagram%20profile%20with%20posts%20and%20stories%20-%20Picuki.com&cms=unknown&publisher=6471d22f413e9c001905a2d8&sop=true&version=st_sop.js&lang=en&description=Explore%20%40rudy_israel%20Instagram%20profile%20with%20posts%20and%20stories%20-%20Picuki.com&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.54.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-54-7.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 51ms
47ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9ZR5E8BN1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153071106-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c389e9de7f204cae211974287123083e2f552b283238fa5f0c77ed6a92d07127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 07:40:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153071106-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 06:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3883
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 08 Jun 2023 08:35:27 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/ 403 KB
124 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 10:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75820
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126880
x-xss-protection: 0
server: cafe
etag: 5275185617162098568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 10:36:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 4 KB
717 B 155ms
75ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.picuki.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b1b9309069093cfcbad3cf91aa853039ddf8a530a95b6013df288e539c1502d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 692
x-xss-protection: 0
expires: Thu, 08 Jun 2023 07:40:10 GMT

GET
H2 200 pica.js
www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 3C0D 6 KB
3 KB 44ms
44ms Other
application/javascript 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picuki.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351c9f0cdb13e4a17c1fae2c05a4b21111f1f78785b2da29b2dc03b10ef7c613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kReMGyUzSBtdQzAcMI2K8p7Gh08LCEk1FjP9dEUS1Ow0Fa9am7duzg2eFswVBCaLP1g%2BF4UMIN8MasyfeBlSipx3ko0IVB3U6KqPq2fZSckUDg3cVBfluX9HHTq5vq%2Bh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d3f7c333c992c46-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 136ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D9ZR5E8BN1&gtm=45je3650&_p=396024190&cid=1356459163.1686210010&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686210010&sct=1&seg=0&dl=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&dt=%40rudy_israel%20Instagram%20profile%20with%20posts%20and%20stories%20-%20Picuki.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9ZR5E8BN1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 139ms
46ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 08 Jun 2023 07:40:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 221085
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 op.js Show response
tagan.adlightning.com/setupad/ 43 KB
17 KB 177ms
45ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/op.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 286a5fc75a6ebfd285c7585b3a4b97da3f61dad373b72595a622cca68718e03f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: CcVl7mDVGdnbUHhM501DP1QGbrRq2ClC
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 06:40:28 GMT
x-amz-cf-pop: FRA60-P4
age: 3583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17374
x-amz-meta-git_commit: e09f10f
last-modified: Wed, 07 Jun 2023 11:26:35 GMT
server: AmazonS3
etag: "fa9446ab6dea0247ec247c6e6cc52e05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: H-Ccl8v8kp2py38nhv0sv0f9iCSMlEv41S3jdkPEdvEhLsu9Y9enYA==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 85ms
40ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230608

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d878317c914e200c9207ada2120a4ba768e1ff623ffbb1f3285e40e8bc427af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 07:40:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13157
x-jsd-version: 1.0.1714
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 858
x-served-by: cache-fra-eddf8230043-FRA
x-jsd-version-type: version
etag: W/"639-ds1QznykaHiQoiMeOuDNJqelYts"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1014 B 130ms
46ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:10 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 152151
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf14IYqKuvUvS3DbYYKuPEpIcJjAc3cRwwGmaj2fqLc3vbgrYjDGUl8G82ieH1njFlswOELn5rKwBDgsjUwDoymDV3w11eSPkoVce1GC5dOPmzcjp7PxhRT08Jun10G%2B6vMW1hASpHZjqKw8"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d3f7c349db7bbad-FRA

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 241 B
649 B 134ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

2b505b9bb344970bfb6458f5519cd2a408cfb72c1a345700164c837e17f2a79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 138ms
45ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 250358
expires: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
582 B 43ms
41ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 07:40:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 30036
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 130ms
40ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:18:17 GMT
via: 1.1 google
age: 1313
x-guploader-uploadid: ADPycdvzGYOefO1cAfm-rLGusXqmSLmTBra8KbnfOgVrnL73rwVA471Ke3vm1KcQGDFIofBypGQ4gFahpkFfo3Bgxv5Ny8gSzy3Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Thu, 08 Jun 2023 08:18:17 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 135ms
43ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 01:47:30 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 21161
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: NjrPsZtv_Dp-p3MyQMr39ugzh6AbjmfMkM2DmNQqCWBfKdhig_yWeA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 145ms
49ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: J3QZX6YQAX15C78F
age: 3182
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d3f7c34cc722c22-FRA
x-amz-id-2: 4kh+Xf1fV0gNwwyVM6y5cxsRoeG2Q16gGM9x2hcbhVNZsdgPt5Die3sr7MJbU+IyGzW6HjQKfytp6ofO8c1ZNA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 141ms
40ms Script
text/javascript 2600:9000:223d:ce00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ce00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 05:58:55 GMT
Via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
Age: 6076
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 77d1mnMaSaWp1FBcafdPZWI-fn_hqWIzCiZWIiIrXoIsj_GHqt1Qwg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 147ms
41ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:00:55 GMT
content-encoding: gzip
age: 1701555
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 18 May 2024 15:00:55 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 188ms
92ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jun 2023 07:40:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 50ms
49ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=396024190&t=pageview&_s=1&dl=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&ul=en-us&de=UTF-8&dt=%40rudy_israel%20Instagram%20profile%20with%20posts%20and%20stories%20-%20Picuki.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1867844720&gjid=2048130590&cid=1356459163.1686210010&tid=UA-153071106-1&_gid=409458181.1686210010&_r=1&gtm=457e3650&jsscut=1&z=1027873911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
745 B 137ms
39ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 22 May 2023 04:35:32 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1479879
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: MFKpjvU0SmnVqKVga-7C6uk2kzQEdns9Ap8wym_4vQPeKgtg0nTNVQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 111ms
43ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:48:07 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2137699
x-amz-server-side-encryption: AES256
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 731
x-amz-cf-id: My_4VRRIVoPMxDS8_txOD4MyVRfjBjI4lvOzF8s2cWkrPwEGCnMrVg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 73ms
42ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 11:47:52 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1544443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: jJuyREYl1NQ0eKd_lt6Wfr1GrlE2zwWArqajYQx5RzBcDDjuMWsexQ==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 54ms
40ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:45:24 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1923272
x-amz-server-side-encryption: AES256
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 771
x-amz-cf-id: Aegh3DlhnMaB-P9V2S1khV_d5nIXtwLlUvkP7639jZVSUZ4RcCizIw==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
798 B 51ms
42ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/messenger.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:59:02 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2000074
x-amz-server-side-encryption: AES256
etag: "a5aa43fa302867d3e888ac2f69b7b288"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 372
x-amz-cf-id: -KR38nX0y6UAztWaxROorxv61Re9OYqKDDPJYxBfW9U-SbxSF23CHQ==

GET
H2 200 telegram.svg
platform-cdn.sharethis.com/img/ 858 B
1 KB 44ms
41ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/telegram.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:35:38 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 12 Aug 2022 01:07:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 274
x-amz-server-side-encryption: AES256
etag: "e3f5e90fa57764cd951db1b1bc688edd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 858
x-amz-cf-id: jLrgyhzU6fLQf9-aMAtDMsj-BUv6QSNmJaemacgIL5UeT6Tr23jgZA==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
767 B 40ms
39ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:11:03 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1751347
x-amz-server-side-encryption: AES256
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 343
x-amz-cf-id: n6DzKmq2VwK6MWrge_6W9hD8oR5Z9_LI8OrAtnglNcGhpsughV4_5w==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 40ms
40ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:56:38 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2339013
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: fsbeGIbMcDiJdGso-eOGGlZAOYF14LT455Wrl6J0SgK7TkVMW7-deQ==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
990 B 70ms
69ms Image
image/svg+xml 2600:9000:225b:e800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 17 May 2023 23:45:36 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1842875
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: SMG5dyChh9k1hIOEAfVmaRwGScm_pxYFro4-24SyxLrpkT9CK3hbkw==

POST
H2 200 7d3f7c27b8792c46 Show response
www.picuki.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 3C0D 2 B
484 B 94ms
91ms XHR
text/plain 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/cdn-cgi/challenge-platform/h/b/cv/result/7d3f7c27b8792c46
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d3f7c35bf6b2c46-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf4DKKwZEJOuetHkkHDi0ZXnWpvNRwwHcfpzuauF8fWOqROeDS2WoWvL%2B1crhek3NibNkc%2BZpQVQqPWDHsk06Z3Xms731RF5P4V4RzLg465x671owQcKlwX9qvI%2By2PW"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 129ms
38ms Preflight 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.picuki.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 08 Jun 2023 07:40:10 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
555 B 171ms
67ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DdZ28p9CVeSJP1hFghg0ayDqDbpujaAOqp%2FBEsa7LTrlVNN21%2BbzUYVH6XMuZ%2BESyMO9Lwrfk9ce0UjKPZ9JZohlQaCgaMfJ9bD3fcjL4eLP0ZhNMf7mHAWqhxRzxaR%2BqC%2FGMJL7pj1"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d3f7c368c013632-FRA
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 18 KB
5 KB 421ms
318ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c93ac373b05dd1a575559cf73865d72fd66f34ecb25d05d223833932e03977

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZvqCHU6lb0Lgd0IAIYBVeh3EpVzBTM5LeFjvbcxof1dq4gurxQRi5YJMIw3Lr149zCPRfp8mr01E6m%2F2oGxPIwGIL7gGUYszX2i1v06whqkp6TyAABdOQqQ%2BC39%2BTl7DmXuUDsZPsXr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d3f7c368c063632-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
276 B 171ms
65ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
mp.4dex.io/ 118 B
1 KB 191ms
96ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a602a3ef446af77c84c0a2703ed232ae87b191a438b6f754691f05ea53640543

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Thu, 08 Jun 2023 07:40:10 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_1, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_2, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_3, Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-tl0xd, Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_728x90_anchor, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: stpd-66lem, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: stpd-312ath, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: picuki_com_336x600_sticky_sidebar_desktop_1, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d3f7c367dab90dd-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 192ms
112ms XHR
text/plain 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 246ms
149ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST mvo
tag.1rx.io/rmp/247379/0/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 136ms
46ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 178ms
66ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=14803539203

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 185ms
75ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 186ms
76ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 192ms
82ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 191ms
81ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 225ms
115ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 192ms
83ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 192ms
83ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 191ms
82ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 952 B
1 KB 314ms
226ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

52075c311641f54fee9e155b218f6cc30fc5aeb88d875f3238a6bce71d081584

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 07:40:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 12a2a815-0533-41ae-81a4-c548de0de8fd
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.picuki.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 198ms
94ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 375d70bfc36dfb08360c5b1efc7c09ed21884ff9da1c16416f6c9956abcd21bd

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:10 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.picuki.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 148ms
45ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.picuki.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 auction Show response
tlx.3lift.com/header/ 67 KB
11 KB 425ms
337ms XHR
application/json 18.156.109.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&tmax=2000

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.109.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-109-169.eu-central-1.compute.amazonaws.com

Software

Resource Hash

72b15bb793edabe71c15064ea60c9bba066eb74935487b784f29d69ad6638be4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: gzip
accept-ch: sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 10236
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 243ms
126ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 254ms
138ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 244ms
128ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 294ms
179ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 275ms
159ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 268ms
153ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 398ms
155ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 387ms
144ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DF9C 53 KB
30 KB 80ms
73ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk&co=aHR0cHM6Ly93d3cucGljdWtpLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=93nbcugn4g2q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4ffb2d8aea23208a28fcbf536efad1f0553619e3dadab7f3d68213a52aa57db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cjujPtLR1diOCONotFyW1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29955
content-security-policy: script-src 'report-sample' 'nonce-cjujPtLR1diOCONotFyW1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5okpU1tRCT18O0LXT7aPSDhQ7amcXe3N0Txh8ZBinLY1LnMaZ3au8cokUwmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRioucoyI...
cdn1.picuki.com/hosted-by-instagram/q/ 65 KB
66 KB 776ms
776ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5okpU1tRCT18O0LXT7aPSDhQ7amcXe3N0Txh8ZBinLY1LnMaZ3au8cokUwmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRioucoyIDND%7C%7CHg1JU46o9CUqTUHGsv+MfF3pLUqF+dUzPgL6NDhkyblCGYvdjZ%7C%7CNii2g4zgp7ZS3TbdZXM9%7C%7C2z6Zoc2Hxs5sHealjcQ9I8titj1edgr0PkHsqHURGM4VGly+jl0tYySoyiZRnquyG1I+jH+2JamXdoHvLvBYKC5EIjNgnONbbLcQ%7C%7CYZG3UHXayGbH7aA+S7IeRsht5sPsgXxHG+yCe0bpjT5hRIKGdB0TaAFJFWW%7C%7C6UlvyxyGDfsirIrwJmxpjjKOJ5mg8bzcuO1hVyfSHEVpoYbWM=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06a2ce7c795b000d1b600bb19c547e16e80f58fc76e8c8b6311d00a8479202a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=1510904189
content-disposition: inline; filename="352222612_677862747434492_2975738913652016987_n.jpg";
content-length: 66859
last-modified: Thu, 08 Jun 2023 07:40:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8URyjz9ZHpw%2F8V%2FpHc1hYyuIvySLvnOvC1AYQ%2BNYV3iwTbHHhMeoL%2FG6pcDGTLB2uuuiRUjSIJKrWSZ0HsW81cIgUmnRthW9T9HLQCx4j6DnLQfCUA4tMPpbsDNfvmhqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c36c8962c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5ootV19QAz19OETYTbCJRThd6K2aUu3N1TBi8ZdilLc3LHIcY3Ws%7C%7C8AoVgmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRio...
cdn1.picuki.com/hosted-by-instagram/q/ 61 KB
62 KB 721ms
720ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5ootV19QAz19OETYTbCJRThd6K2aUu3N1TBi8ZdilLc3LHIcY3Ws%7C%7C8AoVgmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRioucoyIDND%7C%7CHg1JU46o9CUqTUHGsv+MfF3pLUqF+dazPgL6NDhkyblJVcvQk1GFAO9rrLgp7cxpnPqV3M9%7C%7C2z6Zoc2Hxs5sHealjcQ9I8titj1edgr0PkHsqHURGM4VGly+jl0tY2QswLVRnqEj21I5jH95oqoX9oL8rjRYKC5EIjNgnONbbLcQ%7C%7CYZG3UHXayGbH7aA+2gJeFK26VmNNpD2nbm5TWQfLil3TtWMGNJohapOZ9nF%7C%7CaX1YGhyHD7hxzIrwJmxpjjKOB%7C%7Cnn0bzcuO1hVyfSHEVpoYbWM=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1f39c711346d9be1bddfe27ee605314b1d366577e565cd11d19c11e9aa753e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=3724346561
content-disposition: inline; filename="352166208_741744197960262_6545030831736338342_n.jpg";
content-length: 62907
last-modified: Thu, 08 Jun 2023 07:40:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ke%2BMppZVzbYqCPEa8SpQkxwzEZS%2BaLq8a98bj%2FgR4Rr9pwxItFK0UMeCvnMF0YdSdnimjAWHV3D4TaV7U5OSde0Doj%2BCqmZWGUDtGRIp3QDsC6pPEhNbc3JAhzy%2B1Ebgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c36c8972c46-FRA

GET
H2 200 0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5o8vVFxZCz14OkzXSLCIRDpS7qyRVujN2jRj%7C%7CJVonL4xLXIcbXKo98YtVgmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRio...
cdn1.picuki.com/hosted-by-instagram/q/ 87 KB
87 KB 832ms
831ms Image
image/jpeg 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.picuki.com/hosted-by-instagram/q/0exhNuNYnjBcaS3SYdxKjf8K2fRyWg9SZ60STLepjSVmIR1vLHOapZA0mpCj4yRwKwVlASuRYzxl5o8vVFxZCz14OkzXSLCIRDpS7qyRVujN2jRj%7C%7CJVonL4xLXIcbXKo98YtVgmYdSgIGaYDG7uo+qhT5aGuO1lQpzaEW+oR9z5G7NCnV6xhz580r66AgRioucoyIDND%7C%7CHg1JU46o9CUqTUHGsv+MfF3pLUqF+ZdzPgL6NDhkyblG10ZXTtTACLJ7aLgp7Y80g7hXXM9%7C%7C2z6Zoc2Hxs5sHealjcQ9I8titj1edgr0PkHsqHURGM4VGly+jl0tY2QswLXR0SAxW525nn95pKmXcoL9rjBYKC5EIjNgnONbbLcQ%7C%7CYZG3UHXayGbH7aAv6gPd9suo5bRccX5U2%7C%7C+CKeJ5%7C%7CF0ixFHixQp3mZGYEiUOmb6IuG2kjXhxzIrwJmxpjjKZZ+nwsbzcuO1hVyfSHEVpoYbWM=.jpeg
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60660fac989086e0e444b0059abf5ac5e04a4237771bc4ef49b6664c4b1835be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2875022767
content-disposition: inline; filename="352445190_269814085601927_9158298150738470512_n.jpg";
content-length: 88696
last-modified: Thu, 08 Jun 2023 07:40:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0lA4Jim4FU1S8Ag%2B3iq5DYNiKSFkwo9EVXepMHUIllT60mYtYZH342%2FJ5sIRWTQJw1A%2BUYqW8SQ8mfE6LZBnHQMfcAlEhgOkQjt2eNbTLddtQjpr5OszPsg231hNUisYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d3f7c36c8982c46-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 131ms
48ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:10 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 152145
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOlvECGz90S8m942QcQKCC%2Fc%2FNMti7S7Q0qa0Ln1T9VaIwiY4bGPNkdN%2BpDIQMWUKCd%2B4ZBkQp4X1ojNDdZO2wS284V7p40hUFEFdw54xKMa9xop0ghPIrSGx3LaLx1OdeTl0Aytk6%2FUhlxC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d3f7c378ef91e32-FRA

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
334 B 57ms
56ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 7032bb2a43b0bcba971bb00932c4917c360f369ddc26534cddf41172ac39a896

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jun 2023 07:40:10 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 74a7c252e86ec0a42041c56afc9a8358
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 148ms
54ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.picuki.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 08 Jun 2023 07:40:10 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 9dc190581f455cdc26f3f57b8f2f0658

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp&cc=1

85 B
204 B

150ms
150ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp&cc=1
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1571f74757712a610aa10ccabb6ef6cace5c9bcea340073fc946b469b05a8970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-G+SplFrkWdPked+IGCRpjulL0Ys"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 08 Jun 2023 07:40:10 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.picuki.com
location: /esp?url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 122ms
41ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 b-e09f10f-032e20a2.js Show response
tagan.adlightning.com/setupad/ 94 KB
35 KB 48ms
46ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e094b10a38f4a8bd2e1b7b98e0e4e3e9c8a7202c0ccd111f3d0e4ad20b7fa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:44 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id: qVnETAV3utAEI0b7L.XBq7DES93QxBcw
x-amz-cf-pop: FRA60-P4
age: 1433067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35195
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 22 May 2023 17:35:29 GMT
server: AmazonS3
etag: "479be8489e461d39dc7bde96878c138e"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PCxesOVncXHP4nJMRf3Fbd08xv2mQU8duaKWkWQAIhH0KCuUvNSCEw==

GET
H2 200 bl-84d30c2-792a0745.js Show response
tagan.adlightning.com/setupad/ 43 KB
18 KB 61ms
59ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-84d30c2-792a0745.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2313a8caff0f28e51483dcc3ebbedb852aba3a8fc315e3e23715376302c4530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:29:02 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id: K2zJyRPFjtfId_hW7wVACAE0BpWnqnKL
x-amz-cf-pop: FRA60-P4
age: 72669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18128
x-amz-meta-git_commit: 84d30c2
last-modified: Wed, 07 Jun 2023 11:25:59 GMT
server: AmazonS3
etag: "9fd005931afe09a7612bb6a8e6c51e76"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HaQqpmHNP6rlpq6cm7M5FezF9vwgT7BN7vGiEqtj3hPnxsQkes1xtg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2FB9 15 KB
6 KB 51ms
50ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.picuki.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 478476
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 6411f46224c2d3003df487a6 Show response
cdn.pubfuture-ad.com/v2/config/ 530 B
680 B 419ms
417ms Fetch
application/json 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubfuture-ad.com/v2/config/6411f46224c2d3003df487a6?v=6&d=ZGVza3RvcF93aW5kb3dz&ip=MmEwMTo0YTA6MTMzODo5Mjo6NA==&c=&cc=REU=&s=cGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs

Requested by

Host: cdn.pubfuture-ad.com
URL: https://cdn.pubfuture-ad.com/v2/unit/pt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9710137633935670cbc61edffeb037b58991b5ce4004bb6e8376d9ee104bbac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"212-EZELpm9G6FKvTwX2wP66z4rgNp0"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGAoSCctXhO55tc2mmwukTHJxYGC5mH%2F4%2Fdd0BJSBDEWKkHNoHHhkyxVXOZihh5puGtVjdeBkNKzL39bhDR%2FhsQqFclZ9X9UqOgQayVpGMyHFRAw09x4V9s1wLMZJY7xC%2BcDA6dRHbwuDXcJHAv8WoCZ"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d3f7c37a9046903-FRA

GET
H2 200 6409e0c8e452af002775281c Show response
cdn.pubfuture-ad.com/v2/config/ 501 B
697 B 398ms
397ms Fetch
application/json 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubfuture-ad.com/v2/config/6409e0c8e452af002775281c?v=6&d=ZGVza3RvcF93aW5kb3dz&ip=MmEwMTo0YTA6MTMzODo5Mjo6NA==&c=&cc=REU=&s=cGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs

Requested by

Host: cdn.pubfuture-ad.com
URL: https://cdn.pubfuture-ad.com/v2/unit/pt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f24fd8734ee6889d1350251cb339eb30ec571740d156410f36b8134d0f9c8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"1f5-Khq1pT9rYAN1qHHhKhyVER9wxV0"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRYtZFib0%2FXtB8viuW%2BO8jFgmxiYaRa%2F20L2BsHjGfWvpNe3Zdso8ULLTtE7aKDSsY6qtBBzllp28YM1Mm715KBw6XbBGKh0SSE94L25Yuc1UyNt1pcpJRMenZy2Pkcr%2BmUvvELG28NUVQ%2BPmobMbjNV"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d3f7c37a9056903-FRA

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 173ms
55ms XHR
application/json 54.217.89.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.89.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-89-185.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8353d483c0ce87da93fb48b63641219255974263cd8c35bf97dc555d222212a1

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache
x-server: 10.45.27.251
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame DF9C 55 KB
24 KB 120ms
40ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk&co=aHR0cHM6Ly93d3cucGljdWtpLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=93nbcugn4g2q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 21:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 21:14:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame DF9C 410 KB
164 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 19:28:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2FB9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=picuki.com&sn=ChromeSyncframe&so=0&topUrl=www.picuki.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=KpB4UHx4SjlTcTZUVnFCQTVNeGpJRW1TNGZOVXdFWEU1NmRUMCtEcTBwTmpnYWg0cWVSSUVsS3ZKYXlhbHZhWjIyUEFud3FWUEJQQXVSc1d3Vnh1dXhpMm9jS3o2amxlRGdLL0RlbXRsc0lvNEFDOFlXZHprV0IzQ2dwUD...

435 B
651 B

177ms
44ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KpB4UHx4SjlTcTZUVnFCQTVNeGpJRW1TNGZOVXdFWEU1NmRUMCtEcTBwTmpnYWg0cWVSSUVsS3ZKYXlhbHZhWjIyUEFud3FWUEJQQXVSc1d3Vnh1dXhpMm9jS3o2amxlRGdLL0RlbXRsc0lvNEFDOFlXZHprV0IzQ2dwUDAxWEREZnRYL0RrbjI2Z21KN0Z2ZXFHMVJnYzRzVzdqc2RUa2NXNm1JMjg5Q1d1UzMxalNxOFNSSVUxWHZ0Z2M4b0JZKysyUTg4UVd4Yzd2eEFObGVVL0VLb1NONjkrd0NXd3B5V3ZoQ2VvVS9LQ1VrbzlTcUlNRGJTcDFVSXlLWEQxQ21wUEl1Nko4Zk9Rd3NlbW5iRWVwL3hZY2pIZz09fA&cppv=2

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65abde757ae4c3d5a81be9711da96807096dafff92268e5998b808786bef85ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1575732
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=KpB4UHx4SjlTcTZUVnFCQTVNeGpJRW1TNGZOVXdFWEU1NmRUMCtEcTBwTmpnYWg0cWVSSUVsS3ZKYXlhbHZhWjIyUEFud3FWUEJQQXVSc1d3Vnh1dXhpMm9jS3o2amxlRGdLL0RlbXRsc0lvNEFDOFlXZHprV0IzQ2dwUDAxWEREZnRYL0RrbjI2Z21KN0Z2ZXFHMVJnYzRzVzdqc2RUa2NXNm1JMjg5Q1d1UzMxalNxOFNSSVUxWHZ0Z2M4b0JZKysyUTg4UVd4Yzd2eEFObGVVL0VLb1NONjkrd0NXd3B5V3ZoQ2VvVS9LQ1VrbzlTcUlNRGJTcDFVSXlLWEQxQ21wUEl1Nko4Zk9Rd3NlbW5iRWVwL3hZY2pIZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 275057
content-length: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 140ms
52ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.picuki.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
14 KB 123ms
123ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1130041999921449&correlator=1022872550806460&eid=31073866%2C31075065%2C31075139&output=ldjh&gdfp_req=1&vrg=202306050101&ptt=17&impl=fifs&iu_parts=22763003210%2Cpicuki.com_1200x300_desktop_1%2Cpicuki.com_728x90_anchor_desktop_3%2Cpicuki.com_336x600_sticky_sidebar_desktop_1%2Cpicuki.com_300x250_desktop_2%2Cpicuki.com_336x600_mobile_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C1000x100%7C970x90%7C728x90%7C970x50%7C960x90%7C950x90%2C300x600%7C336x600%7C160x600%7C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%7C320x336%2C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%7C320x336%2C300x600%7C336x600%7C160x600%7C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%7C320x336%2C300x600%7C336x600%7C160x600%7C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%7C320x336&ifi=1&adks=2785966052%2C2785966053%2C2785966054%2C29426976%2C2359949449%2C1920608300%2C1889301006%2C2303459336&didk=3162251899~3162251896~3162251897~975260230~1062014315~3215227030~2560763912~491247485&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_adid%3D168271a8af0c1c71%26hb_size%3D970x250%26hb_pb%3D0.11%26hb_bidder%3DtripleliftS2S%7Chb_format%3Dbanner%26hb_adid%3D1668947c6be923ce%26hb_size%3D970x250%26hb_pb%3D0.07%26hb_bidder%3DtripleliftS2S%7Chb_format%3Dbanner%26hb_adid%3D167d63d804b9e253%26hb_size%3D970x250%26hb_pb%3D0.04%26hb_bidder%3DtripleliftS2S%7Chb_format%3Dbanner%26hb_adid%3D171c947208313a7%26hb_size%3D970x90%26hb_pb%3D0.00%26hb_bidder%3Dtriplelift%7C%7C%7C%7C&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1686210011016&lmt=1686210011&dlt=1686210009306&idt=910&adxs=200%2C-9%2C-9%2C300%2C-9%2C-12245933%2C613%2C997&adys=72%2C-9%2C-9%2C1110%2C-9%2C-12245933%2C729%2C1773&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C0%7C-1%7C-1%7C0%7C1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&frm=20&vis=1&psz=1200x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1%7C1200x0%7C374x-1%7C374x-1&msz=1200x0%7C0x-1%7C0x-1%7C1000x-1%7C0x-1%7C0x0%7C374x-1%7C374x-1&fws=4%2C2%2C2%2C512%2C2%2C132%2C0%2C0&ohw=1200%2C0%2C0%2C0%2C0%2C1200%2C0%2C0&ga_vid=1356459163.1686210010&ga_sid=1686210011&ga_hid=396024190&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYi7nLz4kxSABSAghkEhkKCnB1YmNpZC5vcmcYw7zLz4kxSABSAghqEhcKCHJ0YmhvdXNlGIu5y8-JMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLucvPiTFIAFICCGQSGQoKdWlkYXBpLmNvbRiLucvPiTFIAFICCGQSFAoFb3BlbngYi7nLz4kxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjVvcvPiTFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657dcdddbdb31f6168f63dd60ccab9ce87e5c687342e5431fc8d9a0e819c0519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14527
x-xss-protection: 0
google-lineitem-id: 6181562825,6181562819,6180957994,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138417123676,138417123919,138417123898,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 389E 6 KB
3 KB 183ms
50ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:11 GMT
expires: Fri, 07 Jun 2024 07:40:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b-e09f10f-032e20a2.js Show response
tagan.adlightning.com/setupad/ Frame C3DF 94 KB
35 KB 44ms
44ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e094b10a38f4a8bd2e1b7b98e0e4e3e9c8a7202c0ccd111f3d0e4ad20b7fa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:44 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id: qVnETAV3utAEI0b7L.XBq7DES93QxBcw
x-amz-cf-pop: FRA60-P4
age: 1433068
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35195
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 22 May 2023 17:35:29 GMT
server: AmazonS3
etag: "479be8489e461d39dc7bde96878c138e"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: eYJBosXrcd2-GE5rBgfDqU_xBa7E6rpw5z8P8dKjSG6aBNIGAuwCUg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3DF 175 KB
55 KB 141ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:11 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 148ms
40ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DF9C 102 B
134 B 95ms
94ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk&co=aHR0cHM6Ly93d3cucGljdWtpLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=93nbcugn4g2q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 08 Jun 2023 07:40:11 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3FF6 0
176 B 144ms
50ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 08 Jun 2023 07:40:11 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
3 KB 349ms
112ms Script
text/javascript 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1bbcbe855eb69dbca752b0ccfdbf8d9015f37906a46763ac3aa8e54279de3c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
last-modified: Wed, 07 Jun 2023 14:19:33 GMT
accept-ranges: bytes
content-length: 3009
content-type: text/javascript; charset=utf-8

GET
H2 200 favicon.ico
s3.pubfuture.com/ 21 KB
21 KB 139ms
52ms Image
image/x-icon 2606:4700:20::681a:e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.pubfuture.com/favicon.ico
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e649b7248c6654b2f9b8fbd1de068ac6ea88568a2a9f4e27c61de53db44ad0ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
x-amz-version-id: .n9JmlnexdK9ep5pVHKNkPpiL2sUy5ge
via: 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-C2
age: 2382717
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
last-modified: Thu, 22 Dec 2022 00:27:43 GMT
server: cloudflare
etag: W/"5a10f4d56ecc576aac7ab338278c298e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAkHWl05JPNMSogEBZheN11ttcHNVbVLHEQugQXwYLrtNmQxoi98nb9wpIa69mR0bIbnMj42PbLxYMSa6sEudxRryJKQsljfobydwaotz6VVvL%2Bgb%2F8a4LBQ3ECEtUGNNejsrvN9X8XFy7r%2BGj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=2592000
cf-ray: 7d3f7c3bca0fbb9d-FRA
x-amz-cf-id: HkJiW-tV70-8uFq9gTuRYMx17XxkFYP39Dx5ZHPSvJwURGdCc1wujw==

GET
H2 200 load-widget.js Show response
cdn.pixfuture.com/cw/ 53 KB
53 KB 136ms
50ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/cw/load-widget.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128701
cf-bgj: minify
last-modified: Thu, 23 Feb 2023 17:10:52 GMT
server: cloudflare
etag: W/"63f79e1c-d202"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP1XTsSZP0oVwz%2BstD8pkke9dH2uJPzKL%2BVI0zhIa4DwgbBbAtN71xigQsrEnbAsA85VzQL%2F64LeKbV%2F5dsTcTtrcsWUz5evGbI2eawoNUNNV0G92lYEkTBxSbeLYmZydBcxex4PpO5XApcyr1Eu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c3bc90e8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 22:34:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3DF 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOCPL74LXoC03n-5scADMWgffmqQVyWbzTBplvbDBhG0ipOPMTtgJLtAlH_JkIiEQ3R03Bt5t7Ufwwq829DSxrkN-XCtLFe8VeaPkc1fHjZeuBYZrBVfQdx7SH6MnRiXdDaAilUohhRWQ5RfkR63dAr-y4EkgXpzlosJ2iVJWiRsuurYfNvA0rJd6Rb-2zqWXcxKldSi0ZFp_C9jcXHCWsPEzBrJO3Gty-jm9MklonaodasMPJ81vQ24IACAuzRP742Jk5FNXBfrIubfBX_8ulPaMpsyvI7gHzJmCkVmlCruNhplrfL1QdHL1MFuiucj07XhlYPcaPC0-_ZSz6wDENL725F0s6eeP3_kc&sai=AMfl-YTb_xS4Ajxsk6CxKjfDY9VSOY9v-4nhCwST43kva9Q2Gbws4RklsuBjWug9ZgLECUBSJOroUe0eR42WBVYH3OqlGcswrSlV-Hqzg7C6waERs58200APY-mHsVugCVjcP7xXDnwZHEw3bqlKS2w&sig=Cg0ArKJSzANkUr00r4olEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 07:40:11 GMT

GET
H2 200 ttj Show response
ib.3lift.com/ Frame C3DF 16 KB
5 KB 132ms
42ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=SETUPAD_RON_970x250_Prebid_s2s&tid=215
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: /
Resource Hash: b01b9768a1c70eb6bb53b43e4e2b4d95637914be5308297aeb05d6fdec9e85c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:29:24 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 661
etag: "73c12f5feb98a6963b09ab2610f0cb3e009435bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 5057
x-amz-cf-id: nFh5SFpccc0kw48U4NE559j2uPpu4joiCXkeyKo1CXn_-3jTAz4EoA==

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame C3DF 37 B
220 B 41ms
41ms Image
image/gif 18.156.109.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=0.11715032191844733&ts=1686210010&aid=7356146016655524469660&ec=5563_66529_OADD2.7559525348658_1N8HH8ZPZ1RESYYH8N&n=GrcCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MjI2OTgmYXVJZD1hYmRmYWE5NS1kM2M4LTQ5YTEtOTMzZC0yODVjZGJiY2FiY2YmY21FeHBJZD1MVjMmb0FkVW5pdD0xMTcyMjY5OCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPWFiZGZhYTk1LWQzYzgtNDlhMS05MzNkLTI4NWNkYmJjYWJjZiZydHlwZT1udXJsJnRhZ0lkPTQ1NzUxOCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTczNTYxNDYwMTY2NTU1MjQ0Njk2Ni0yNzcmd3A9MC4zNzLyAvQBCAASFjczNTYxNDYwMTY2NTU1MjQ0Njk2NjAYACABKLsrMOGHBEABSABQAWABaApwgfshkAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BuAEFwAGXAsgB9ALwAdcB%2BAH0AoAClwKRAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAcgCAtgCAPECZmZmZmZm5j%2F4AoU6kAMAmAMAoAMAuAP4qrYByAMA0gMmT0FERDIuNzU1OTUyNTM0ODY1OF8xTjhISDhaUFoxUkVTWVlIOE7gA7uz%2BEzpAwAAAAAAAAAA8AP0AvkDAAAAAAAAAACABAiJBAAAAAAAANA%2FwASVAvgCFIgDAZIDBDk4OTWYAwCgA672G6gDAA%3D%3D
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.109.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-109-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame C3DF 37 B
140 B 121ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=1&peid=0&aid=7356146016655524469660
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8F76 7 KB
1 KB 53ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a89d902b3fc8e6e58487efd529cd7dfde6f6bffe7263015e5aa7ff639ca7694

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-irsVobQ7qFwrlTPt8nRBjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1151
content-security-policy: script-src 'report-sample' 'nonce-irsVobQ7qFwrlTPt8nRBjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK gcws.php Show response
served-by.pixfuture.com/www/delivery/ 4 KB
4 KB 375ms
152ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/gcws.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e26295dc80fbef5694a3fb508233ea40e6f84cde70e6aad7351312cbf3befd10

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
transfer-encoding: chunked
content-type: application/json

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 8F76 55 KB
24 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 21:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 21:14:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 8F76 410 KB
164 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LdcFkUaAAAAAHxmRBOJruwwR6lt9AfAQOWSgZMk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 19:28:11 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/a083e33b204ffec3aab20f302e54fdef3e77f2e6/dist/ Frame C3DF 183 KB
59 KB 45ms
45ms Script
text/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/a083e33b204ffec3aab20f302e54fdef3e77f2e6/dist/bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8f15d7e3248b85bd89d7ed891e065f97cb7daa7a5d064593dfabb7117359f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:53:53 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 132379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 59573
last-modified: Tue, 06 Jun 2023 18:45:58 GMT
server: AmazonS3
etag: "5efb03519397dbe515e3ec0d334970b0"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: ncK9OmYIleBITl-bLlREJU80waeR8oB60Bw2quKMvM055Nb221IPZQ==

GET
DATA 200
OK truncated
/ Frame C3DF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1e99246f2311da26759ec1a15fd7b4ce66810d9cc15812c56356fb8e0ad3125

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hb_v2.js Show response
cdn.pixfuture.com/ 55 KB
56 KB 49ms
48ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/hb_v2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e99637cc812b1a2d3322547fc6a30f96614121d497b28cba1fedd92eeaeded67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43295
cf-bgj: minify
last-modified: Mon, 10 Apr 2023 19:34:23 GMT
server: cloudflare
etag: W/"643464bf-dd67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJTJTJrpZt3kSTayL5vMKwOBfMXZZdAyAGpYk7bF0if4UACsLlhrreY1GVzZJ3m%2FcjbD78NzHt2wHutMJaRe76p8Ta30rZck5L5ovvgRgykJ0yssWgcfqCIYpkNEHEn0XEDW5O6ZdJQwWC3nYBGQ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c3d7a6c8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 09 Jun 2023 19:37:20 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ 37 B
220 B 42ms
41ms Image
image/gif 18.156.109.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=0.11715032191844733&ts=1686210010&aid=7356146016655524469660&ec=5563_66529_OADD2.7559525348658_1N8HH8ZPZ1RESYYH8N&n=GrcCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MjI2OTgmYXVJZD1hYmRmYWE5NS1kM2M4LTQ5YTEtOTMzZC0yODVjZGJiY2FiY2YmY21FeHBJZD1MVjMmb0FkVW5pdD0xMTcyMjY5OCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPWFiZGZhYTk1LWQzYzgtNDlhMS05MzNkLTI4NWNkYmJjYWJjZiZydHlwZT1udXJsJnRhZ0lkPTQ1NzUxOCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTczNTYxNDYwMTY2NTU1MjQ0Njk2Ni0yNzcmd3A9MC4zNzLyAvQBCAASFjczNTYxNDYwMTY2NTU1MjQ0Njk2NjAYACABKLsrMOGHBEABSABQAWABaApwgfshkAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BuAEFwAGXAsgB9ALwAdcB%2BAH0AoAClwKRAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAcgCAtgCAPECZmZmZmZm5j%2F4AoU6kAMAmAMAoAMAuAP4qrYByAMA0gMmT0FERDIuNzU1OTUyNTM0ODY1OF8xTjhISDhaUFoxUkVTWVlIOE7gA7uz%2BEzpAwAAAAAAAAAA8AP0AvkDAAAAAAAAAACABAiJBAAAAAAAANA%2FwASVAvgCFIgDAZIDBDk4OTWYAwCgA672G6gDAA%3D%3D&b=1
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.109.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-109-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 41ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&pr=un&bc=0.372&bmid=5563&biid=7429&sid=66529&brid=556417&adid=&crid=161356219&ts=1686210010&bcud=372&ss=20&caid=0&unid=0&domain=www.picuki.com&ref=https%253A%252F%252Fwww.picuki.com%252Fprofile%252Frudy_israel&rr=creative&fid=1&rb=10&g=0&tmplid=215&cb=42272
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11722698&auId=75b266bc-8ba7-4b64-904a-3735784b9a4f&cmExpId=LV3&oAdUnit=11722698&publisherId=250152235&rId=abdfaa95-d3c8-49a1-933d-285cdbbcabcf&...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=01e7f56633f24591b65284b4a0ba47f5&SNR=1&GV=2&med=10

0
525 B

75ms
74ms

Image
text/plain

2a02:26f0:3500:1b::1724:a398
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=01e7f56633f24591b65284b4a0ba47f5&SNR=1&GV=2&med=10
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a398 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1B12E8C5A3E40EE81D73BFA353C7459 Ref B: FRA31EDGE0714 Ref C: 2023-06-08T07:40:12Z
x-cdn-traceid: 0.98a12417.1686210012.5db9692
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 08 Jun 2023 07:40:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F60CC3B73F24CA8ADBA5DF38031279F Ref B: VIEEDGE3213 Ref C: 2023-06-08T07:40:11Z
x-cdn-traceid: 0.98a12417.1686210011.5db9620
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=01e7f56633f24591b65284b4a0ba47f5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame C3DF 7 KB
8 KB 166ms
46ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a398
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559525348658_1N8HH8ZPZ1RESYYH8N&pid=21.2&c=17&roil=0&roit=0.1264&roir=1&roib=0.8736&w=328&h=185&dynsize=1
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a398 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5e46986cfdb3f1078447233580b81e9b94691affb6da87bd3c9bc45dfb98e5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.98a12417.1686210011.5db9622
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7517
alt-svc: h3=":443"; ma=93600

GET
H2 200 blank
img.3lift.com/ Frame C3DF 615 B
925 B 140ms
40ms Image
image/png 18.66.97.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=328&height=185
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-112.fra56.r.cloudfront.net
Software: /
Resource Hash: 7e677e4ae5d4bf2dfa8304d03888bf6c7304dc3dfec6cb1d5c29fa2273328857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 16:03:02 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Jun 2023 16:03:02 GMT
x-amz-cf-pop: FRA56-P2
age: 56229
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 615
x-amz-cf-id: xSzTNmZrXdEbH7NCHS9Diy2AtfUKMEkwWBACPltwqxV3NkxbVj_wnQ==

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame C3DF 3 KB
3 KB 41ms
41ms Image
image/png 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 04:27:51 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 467717
x-amz-cf-pop: FRA56-P2
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: ijcnyHDY4qYmtXH8eIxpE53zKF8xdyamo-l2ORoxzmuWqhV6kxNyQw==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame C3DF 3 KB
4 KB 42ms
41ms Image
image/png 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:59:55 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 466817
x-amz-cf-pop: FRA56-P2
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: wCNgavxtZXB7mQQQy_i1RTbPq6VPRn9Rf5-J83OQ0DpRm0-i6SPM3w==

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 40ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&cta_render_method=2&cta_render_text=Learn%20more&cb=66941
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f0009642758b885fc75fb07d7ac63db0a32c14a61992c8d1964c235fbc1316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25253
x-xss-protection: 0
server: cafe
etag: 781 / 19516 / m202306010101 / config-hash: 9074073763038175863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:11 GMT

GET
H2 200 pbix.js Show response
cdn.pixfuture.com/ 396 KB
397 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pbix.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61183
cf-polished: origSize=406706
cf-bgj: minify
last-modified: Thu, 19 Jan 2023 19:53:47 GMT
server: cloudflare
etag: W/"63c99fcb-634b2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuhqlb7tbUvjZf2mNLPhedeW3q0CGRO1YgnJlWZIX53NKr32IEl1UVSOyiSGn3CCCo%2FKbvCsWaH659CwbRKRyINewOngWqBSNhx1Xk7pWjilRO6GHngFE%2BsSIu17iAGFtiPXdF2ODXCTZGBRcCtt"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c3e2b0b8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 08 Jun 2023 17:34:08 GMT

GET
H2 200 pixf_sync.html Show response
cdn.pixfuture.com/ Frame 7992 933 B
923 B 147ms
147ms Document
text/html 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pixf_sync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549a5835347371afdcaeb8e3e8a05a6c28a8fff76586fc74041ac11b144c0426

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c3e2b118fe0-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:11 GMT
last-modified: Wed, 07 Dec 2022 20:04:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMZNfkvgKd%2BcfZ7Pwne2zc4JoQsqrm9wl9FTr9yl0jGYby0XObth8z2SnD4lIkktSoRor89Qq%2BEsfdPXWaYwd0qEssG%2FehV7o80pOF556jNxfjcx%2FieJ8k3DbBm%2BighMhwZPNZ5O4keXdwftNdIQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 r.js Show response
aa.agkn.com/adscores/ 0
463 B 161ms
40ms Script
application/javascript 18.194.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.199.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-199-66.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 0
expires: 0

POST
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 4 KB
5 KB 246ms
136ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=33973x300x250x5903x_ADSLOT1&keywords=rudy_israel,instagram,profile,posts,stories,picukicom&refUrl=&refresh=false&innerWidth=1600&cb=1686210011848
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 29b1a1d10f87a90e92aacc387bc24c24c6ccea4d702676b37b9b8cd87fff189c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
transfer-encoding: chunked
content-type: application/json
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires: 0

GET
H2 200 pxf_5903x1146.min.css
cdn.pixfuture.com/content_widget/ 1 KB
1 KB 143ms
143ms Stylesheet
text/css 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/content_widget/pxf_5903x1146.min.css?pxft_v=3045295281597954
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda395333e0d95ada41d7d39728123ac83269346b564641790417bdd0ff9404a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Apr 2023 20:22:34 GMT
server: cloudflare
etag: W/"6438648a-5fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXmBVOIWKEb0uSeMJfPAIcXLfc4MrBr5GoYC7188tHpC4QTwMP1TX2XcxJD085DmEiQhlzGGGtfQHsfMQLF1NE8bw%2FvZf3iE%2BbsR5gZuD6zM5qpKA%2BvD9II5PB04FSZqy%2BlLSwTQxAq8w9ZU3AHA"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c3edb9b8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 10 Jun 2023 07:40:12 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 7992 19 KB
7 KB 167ms
72ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://cdn.pixfuture.com/
Origin: https://cdn.pixfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d3f7c3fcfa09247-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame C3DF 2 KB
661 B 142ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:30:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 07:40:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C3DF 3 KB
1 KB 140ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:38:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 07:40:12 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 40ms
39ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&pr=un&bc=0.372&bmid=5563&biid=7429&sid=66529&brid=556417&adid=&crid=161356219&ts=1686210010&bcud=372&ss=20&caid=0&unid=0&domain=www.picuki.com&ref=https%253A%252F%252Fwww.picuki.com%252Fprofile%252Frudy_israel&rr=creative&fid=1&rb=10&g=0&tmplid=215&cb=50582
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 40ms
39ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=97934
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 42ms
42ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&pr=0.11715032191844733&bc=0.372&bmid=5563&biid=7429&sid=66529&brid=556417&adid=&crid=161356219&ts=1686210010&bcud=372&ss=20&caid=0&unid=0&cepos=0&ceid=-1&cb=50361
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
46ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&bundle=4bhD2F94d2xNR00wVldtVzYzSWdmVmtISjVzR0o3RTklMkJhY1ZhRjl2WkFaTGlWb2VkSHQ3a2hWbzEzWndNSDduVkdEUmdMMTVSUUZXQTZlTWwxcXBWWWE4JTJGJTJCJTJGdTJyQmpMUyUyQmRXMERrb1N0Nk5sa0ptekU4ejFoRkQ2bDFIREd3SXRiRFBYdzh3dVV2MUhhRFV3JTJGJTJGM2t0TCUyRlBRJTNEJTNE&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 08 Jun 2023 07:40:11 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 294682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 46ms
46ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 255716
expires: 0

GET f
fid.agkn.com/ 0
0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 188ms
58ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: f386b57b9e1bb57870aa29a9dbe60e3e2d05999e470166453ee906b16a6903ba

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 08 Jul 2023 07:40:12 GMT

GET
H/1.1 200
OK seg Show response
secure.adnxs.com/ 0
1 KB 124ms
41ms Script
application/javascript 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=27578921%2C27578921&t=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:12 GMT
AN-X-Request-Uuid: df39124d-61de-4ca4-93fd-1097cad04b37
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
674 B 67ms
57ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_5903x1146.min.css?pxft_v=3045295281597954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e591140282de216623d2f7873b527f837606305ae597fb3ea3040ead240f384d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pixfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 07:24:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 07:40:12 GMT

POST
H2 204 rum Show response
cdn.pixfuture.com/cdn-cgi/ Frame 7992 0
163 B 42ms
42ms XHR
text/plain 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pixfuture.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cdn.pixfuture.com/pixf_sync.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cdn.pixfuture.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d3f7c404cdc8fe0-FRA

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C3DF 15 KB
16 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:11:34 GMT
x-content-type-options: nosniff
age: 404918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 15:11:34 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame C3DF 18 KB
18 KB 143ms
51ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 02:30:05 GMT
x-content-type-options: nosniff
age: 450607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 02:30:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3DF 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_-eHyoHrLD-Nto0HWxuftJcsZhUKmUImCjWM55v9Z0cVKpxgvEVdO7XGcT0sthqCyjm6-Z30XkUyG7_RYP1PRltbEFfo8b1dXrCXmE3LIq8yepaREgS3Fxt_Q2ZL-UtdVOU9uxdhUqVmsedH4hZIdV8sNHqvJCRMX8pouyl4k69ysrhShFsWXFz0DvA46h7r7NaMYfin94aczW_XF8E_MQqsT6W3nbUpKGgjgfTK0mhYhTWUMsxU6m1YmnPWSjRYoTc483HOPgu9Pc2WKVi0fsDH_J54xWtLipfaCAMjO9hNYGdLjba4h3K7GnqzXwqgI9OPNiQK3hOmDCtROfTRDZa-j8debJA1EMi11_A&sai=AMfl-YSr-4EsGMlUypsfKApBmfKJJbezTkX_9kn4JGR0u-72vZRUwe2hbRJc_Xpvcf7Y_D2liIt7p8Ez2pGWjkWE4gi8gXykNOWPjC0Gs_Ev5EgsBhkQRMnEidRrOgKm5e5aNgkzvkeobaa3RXsdUF8&sig=Cg0ArKJSzA4jek6RRXx6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 07:40:12 GMT

GET
H2 200 cw_style.css
cdn.pixfuture.com/cw/ 28 KB
29 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/cw/cw_style.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60227
cf-polished: origSize=28765
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 20:42:44 GMT
server: cloudflare
etag: W/"63dc2044-705d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDhvvhNcJ5TqzHt3HtIm3yh9f4bYay18QX7NHB09Ih896z1geuh89Tq9elooqa189fzBRA4tStTmiZBnwJs%2BCQ8rerftCEqXuf%2FVhJzwHgGYovUr5Oc8h26SuJNThP4WF%2F5DkJFOyjx5nHPXnmqG"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c406cf48fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 22:34:04 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebidserver.pixfuture.com/ 792 B
1 KB 383ms
127ms XHR
application/json 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/cookie_sync
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 792
expires: 0

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ 177 B
501 B 627ms
246ms XHR
application/json 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 181b2157b0d510139ce5a2a65a5cfc21eb0c894ac4f526aca0e1691c995b841e

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 368 B
920 B 449ms
326ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,5903,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=dd440342-4b7d-4c0b-9152-0ed9341d1522%5E1&rf=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&kw=rudy_israel%2Cinstagram%2Cprofile%2Cposts%2Cstories%2Cpicukicom&tg_i.domain=picuki.com&tg_i.cat=IAB9&tg_i.sectioncat=IAB9&tg_i.pagecat=IAB9&tg_i.page=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=3de00eb2-3bb5-4a68-afd3-cdf4aa78cdbe&l_pb_bid_id=87b2b76cdb710e&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5398350583313329
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7aabad4f39f20b7b1133a4b537dcdec45083712642462d8a6c4ab761de91946e

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.picuki.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 368
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ 73 B
293 B 64ms
55ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3de00eb2-3bb5-4a68-afd3-cdf4aa78cdbe&nocache=1686210012237&id5id=0&pubcid=dd440342-4b7d-4c0b-9152-0ed9341d1522&schain=1.0%2C1!pixfuture.com%2C5903%2C1%2C%2C%2C&aus=300x250&divids=33973x300x250x5903x_ADSLOT1&aucs=&auid=540580840&tps=bXlrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29tJm15b3RoZXJrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29t
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 68ee8b4c9ee17335351b84ac06cb72a2b26da89f33aa86f62dbd6780b017ee30

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.picuki.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
635 B 141ms
51ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb7862c8ef0a05693595930dd537fb67eb33ec85bfa75ff4cc3c8f5e55ecbbc2

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.picuki.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 07:40:12 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 53ms
53ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

650645ea331d5a0fc0f225cb9a170447bb624948c6aa5ffe1bdb2c0d82f93579

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:12 GMT
AN-X-Request-Uuid: 4e74369a-a568-43b6-a2ce-f67efc9bf301
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.picuki.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 105ms
104ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
401 B 502ms
394ms XHR
application/json 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 9b73972f3c2015e1efa58ab9d4641d6261f4d59a5f32ac1375a9f63f1bdd9044

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 07:40:12 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 360 B
3 KB 572ms
179ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22203cd2e91c5d175%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&s=e69e09ea-a769-422c-b334-ee77f688e02f&pv=f470b2e7-b76c-4f4d-a9fa-8b6a7f9c8fc9&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22picuki.com%22%2C%22cat%22%3A%5B%22IAB9%22%5D%2C%22sectioncat%22%3A%5B%22IAB9%22%5D%2C%22pagecat%22%3A%5B%22IAB9%22%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel%22%2C%22keywords%22%3A%22rudy_israel%2Cinstagram%2Cprofile%2Cposts%2Cstories%2Cpicukicom%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%225903%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22dd440342-4b7d-4c0b-9152-0ed9341d1522%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dd440342-4b7d-4c0b-9152-0ed9341d1522%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=rudy_israel%2Cinstagram%2Cprofile%2Cposts%2Cstories%2Cpicukicom&coppa=0

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e290af9c92da520199583b6f272baac3b7d612d951cce95a71b59a421e67d194

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-115
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.picuki.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 292
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 528ms
527ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 48ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
149 B 391ms
282ms XHR
text/plain 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 507ms
277ms XHR
application/json 2a06:8640:799:0:ec4:7aff:fe6e:a48e
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 62907b530c3d79e6025bc59bd87e2cdafa37a77b08eda15b5c0a7ec4a4c3646c

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 07:40:12 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 814

GET
H2 200 a533c92242fdc9e0adcefc699f36a602.png
cdn.pixfuture.com/content_widget/logos/ 10 KB
10 KB 48ms
47ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/logos/a533c92242fdc9e0adcefc699f36a602.png?pxft_v=105929293316490
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_5903x1146.min.css?pxft_v=3045295281597954
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbe49b6a8bbe04b360ed7b011e74516a36d118a3a03d2f9595747e316f113e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pixfuture.com/content_widget/pxf_5903x1146.min.css?pxft_v=3045295281597954
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61173
content-length: 9827
last-modified: Thu, 13 Apr 2023 20:22:33 GMT
server: cloudflare
etag: "64386489-2663"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiSuBY03p7iEdIFR1E9ueiDxlk47cng1MxDqSOeUfxESGz42S9DdOa9RjWrlhFAVyvJJ2cLwsMrTntJ92vESI2FRkgGSM%2FexLkIBCMR0yPaAejf5IsCUUMOxDyrJdpZV%2BQ8VupS8U%2B6PQmaAKS4D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40cd638fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 08 Jun 2023 20:33:26 GMT

GET
H2 200 cw_ad.js Show response
cdn.pixfuture.com/cw/ 48 KB
48 KB 56ms
55ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/cw/cw_ad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60016
cf-bgj: minify
last-modified: Thu, 09 Mar 2023 20:35:22 GMT
server: cloudflare
etag: W/"640a430a-c03d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BbK2tvFNODcFv8q%2BfSB5BuVMrB5UuhlTUHghvoJRnzQU0UqmV9bEzX%2BszAw67ckoSzZ8VPD0R%2FSAAM5qWDMAsJ2kLyoBUO5uWzocpSr6Df1DOKZoOd8XZGxL%2B5bljAm1Ty7DE16b%2FF%2FfttuMIJC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c40dd6b8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 08 Jun 2023 16:34:27 GMT

GET
H2 200 81d8c0f9c64c53e7cc7b3c8ebe0ba927.png
cdn.pixfuture.com/content_widget/ 467 KB
468 KB 47ms
46ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/81d8c0f9c64c53e7cc7b3c8ebe0ba927.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4e67b5af3df566b6dffbb0fe53615be9ad13f80af74a3b1824620b56f71051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140044
content-length: 478714
last-modified: Fri, 07 Apr 2023 16:38:57 GMT
server: cloudflare
etag: "64304721-74dfa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrHil5wZhx156lDD%2Bi9BgdzTI9QhH%2FahBOcIHVv65AVMWY0%2FRNcmyxj%2BBaKS95xLZZmL2I5gcH5SbE7%2BXVk7vaWMaxSHxSkSb3jrwQ5YnYHnlmAJ4yZA8UZ7LxiIRfVzWixAmvHMezoLL4iERox4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40dd6d8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 08 Jun 2023 16:42:11 GMT

GET
H2 200 2d442b42e67ccff7e4388192713cfb02.png
cdn.pixfuture.com/content_widget/ 606 KB
607 KB 58ms
56ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/2d442b42e67ccff7e4388192713cfb02.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc094e0d8fee5b941e182b83fea4c5663bbeaae3e8cec5838dcdd85fa73dd52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128652
content-length: 620695
last-modified: Fri, 07 Apr 2023 16:38:00 GMT
server: cloudflare
etag: "643046e8-97897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndTxvevrx6JdOZSGkbjKhPSek%2BHhDiHSTIIiRK9Bp6%2B519QeAyyM1r4vf%2Fl%2Fdbnzao6Jy1SCJZy2T7XBmMoOsr5ZIPsEo4N7Vg7vye1W4VswnQxzZiPLT9ZEsorXNCfTQsy%2F161XvptyIBoV%2FGMg"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40ed798fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 22:49:46 GMT

GET
H2 200 1122f6d48dcd3e2db62a350a047e86d7.png
cdn.pixfuture.com/content_widget/ 479 KB
480 KB 53ms
52ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/1122f6d48dcd3e2db62a350a047e86d7.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9ea4050ed8821dfd43139cef538b38d29e15e237dd0fdc7293b1e15cf2505d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140033
content-length: 490551
last-modified: Fri, 07 Apr 2023 16:37:02 GMT
server: cloudflare
etag: "643046ae-77c37"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzSs44N0ormHqfS5jp5%2B4Toc58I%2Bkz4pJXkDHp9PE5eK1xGGpu%2FgGi88rQ5qiVXRhECoD1WR%2BnqW0EsFpi60PbG4hcLBys5Vu7c0raisr138Z%2F%2FxbDFByKUqfGWOjc2crEiRENbZagpYPPVDzMbn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40ed7c8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 06 Jun 2023 16:59:28 GMT

GET
H2 200 64ed3fc37db0b18a0786e603e1f168e0.png
cdn.pixfuture.com/content_widget/ 524 KB
525 KB 53ms
52ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/64ed3fc37db0b18a0786e603e1f168e0.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d07556b8856f7587d3b325d827ed05b095933c25fc388f35964e7f0dbda610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140043
content-length: 536389
last-modified: Fri, 07 Apr 2023 16:36:07 GMT
server: cloudflare
etag: "64304677-82f45"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FCSHslc0SBAxeHcwndPBXYE6In1m4tNC0LxoA79ISHjEi7etR%2FefzBJfBnzKfyQaC7o2VXiv1S0KBYkrkpg32lscLW%2B6xn1Q5Hm28YHA%2BWseZkVTce8QIhchlJ7pAYKi7Uc8jC4fM7IVf2O46Mw"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40ed7d8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 06 Jun 2023 16:49:27 GMT

GET
H2 200 fbc449e3915bda27f791327e49c13e94.png
cdn.pixfuture.com/content_widget/ 400 KB
401 KB 53ms
52ms Image
image/png 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/content_widget/fbc449e3915bda27f791327e49c13e94.png
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb0bbadd603de28104770b585ed6066942f1fc7b0f934865cd4bf28d7a51d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140055
content-length: 409240
last-modified: Fri, 07 Apr 2023 16:35:05 GMT
server: cloudflare
etag: "64304639-63e98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Fm4MHBtGzjMJQsLeefQ4PdqbiR8pVzOvq3vuVTO8gS%2FYAPOyY3Ls4rJMXqTnO3iv4bUN%2B5h6%2BpTyslKeU3K1tqowohGISwOZFgZzk2aeGoLEK5pCUCiM%2FwQqOujV%2FCiXf8YMHpggbV4oO990x4q"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7d3f7c40ed7e8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 22:46:54 GMT

GET
H/1.1 200
OK cw_svtr.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 135ms
134ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_svtr.php?wid=1146&hid=81d8c0f9c64c53e7cc7b3c8ebe0ba927
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 jquery.min.js Show response
cdn.pixfuture.com/ 85 KB
30 KB 124ms
122ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131216
last-modified: Wed, 12 Aug 2020 19:49:59 GMT
server: cloudflare
etag: W/"5f3447e7-1538f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FDBNXtOc4OPECti20szc0OzyCuxPvPPBrdouJ1SdOm0GrPL2OqOGaOD24vUCatX9DDzHLsJNaDFFdnLGEW3jEVW2V3p58nTo7M7Km0LHNOn%2Fa8kCXtxuHm12agbGgQrLQh%2BcZ6KbkgNMJa7GUHM"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c414dce8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 22:29:18 GMT

GET
H2 200 pixf_sync.html Show response
cdn.pixfuture.com/ Frame 0EE3 933 B
926 B 165ms
163ms Document
text/html 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pixf_sync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d299789f710047a8621557f56d8023c4baf9093387e18c83165ae1fdc48f6d1d

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c414dd58fe0-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:12 GMT
last-modified: Wed, 07 Dec 2022 20:04:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUBiF2%2B6aPPw%2Bgg4c%2BC1%2FcvY59GjAuozlJr6yCafeyjMKc2lzj7lVl7j1P6aWFxdSS0ZwhvGGWWT3voFeWGxLUAXZrPyaiOoCObqGXNsq1Rcz0QZrDqnLeOP5X9WNg6%2FWvFEvYT%2FDxhxJiDZzxoi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 r.js Show response
aa.agkn.com/adscores/ 0
462 B 68ms
66ms Script
application/javascript 18.194.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.199.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-199-66.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 0
expires: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 142ms
53ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Thu, 08 Jun 2023 07:40:12 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 0EE3 19 KB
7 KB 73ms
72ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://cdn.pixfuture.com/
Origin: https://cdn.pixfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d3f7c426ab49247-FRA

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 61ms
61ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jun 2023 07:40:12 GMT

POST
H2 204 rum Show response
cdn.pixfuture.com/cdn-cgi/ Frame 0EE3 0
159 B 41ms
41ms XHR
text/plain 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pixfuture.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cdn.pixfuture.com/pixf_sync.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cdn.pixfuture.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d3f7c42ef4d8fe0-FRA

GET
H/1.1

200
OK

setuid
prebidserver.pixfuture.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea

86 B
576 B

115ms
115ms

Image
image/png

137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

location: https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 pbixcw.js Show response
cdn.pixfuture.com/ 396 KB
397 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pbixcw.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af7adebf7aa976a359422998a621b90b8a46a16f5373c05064c6184887a2872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60762
cf-polished: origSize=405416
cf-bgj: minify
last-modified: Thu, 09 Feb 2023 19:58:28 GMT
server: cloudflare
etag: W/"63e55064-62fa8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjgygwvL74EDDUylTtcqZVRMtnAnbS8NSc1yBSRFCY8OLWdunFa0BZgkNjeV6iNO0sg9AJ%2FyveE8k3Z02HFusHKoW5CT%2B9WqABRuKSTnipGV3Q3eTG8tdfwZU50Nsj4yAcSmv3%2BdqzY9F4Sd%2FAu8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c43c82c8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 15:11:10 GMT

GET
H/1.1 200
OK cwc.php Show response
served-by.pixfuture.com/www/delivery/ 5 KB
5 KB 150ms
150ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/cwc.php?d=5903x1146&keywords=rudy_israel,instagram,profile,posts,stories,picukicom&refUrl=https://www.picuki.com/profile/rudy_israel&refresh=false&innerWidth=1600&w=500&h=373
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: af34801805c5272046b85ca11e3903115878ce888aa1d9aae390e4fa60506c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
transfer-encoding: chunked
content-type: application/json

GET
H2 200 agent.js Show response
cdn.prplads.com/ Frame 3C0E 74 KB
21 KB 137ms
48ms Script
application/javascript 2606:4700:20::681a:333
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23401528f492f6bfa62f707c9ae35d94e3f3b34a2865d7761422f9ae1d5cd2af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2GDPJGKKF2DTFQ9C
age: 4476
x-amz-id-2: I/+iXCuPFIBMO8JMiE5zo85/E+Cl73+nUizufNG8EPhV5+xTnWrAPvHuCfVQeWx/url6JQF6zWE=
cf-bgj: minify
last-modified: Mon, 05 Jun 2023 08:22:39 GMT
server: cloudflare
etag: W/"9f6a25b3ee8c7fcabb6f72b386d37b66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouf%2BJyruyBsx%2F3vCD9osQfQKcI34%2BG6SP6j%2BLKpMUcir2aamrBXxi0sUG2FaaCUR%2F7iZGvVoJVHhQVRUJOyD4p8SF%2F%2FfvjMgkn3S4cAvhzu6p1rDPNNI8D6seXMGVJ8AVzd3aczoUgsQQysaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d3f7c451b8a6997-FRA

GET
H2 200 pxft_iel.js Show response
cdn.pixfuture.com/ 5 KB
5 KB 47ms
47ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pxft_iel.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61216
cf-bgj: minify
last-modified: Fri, 09 Dec 2022 15:37:52 GMT
server: cloudflare
etag: W/"63935650-139c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8D9gByUlr3p3R2YtrC%2FsuLoEd9APtxrDzTvXgJakzKCcBqYMQpkk8WrWACIaAReez8BPR0HajVJyxRI17jVDAirETFeWUrJJ7NwIWBLDuiIde3J17ZoiMvBrCkTdaYNYqRJX7P0D4%2BtK8JNXfupX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 7d3f7c4498da8fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 07 Jun 2023 16:23:36 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/ 26 KB
9 KB 137ms
40ms Script
text/javascript 18.66.192.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-107.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
content-encoding: gzip
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 04:39:51 GMT
last-modified: Mon, 07 Nov 2022 19:46:30 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10836
etag: W/"34bbd675e8b425becff971d5a4756c10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: NmBRiwgMOQz3RNDGLmNEGsu9q62vzefwS4sArV5s_yrFk9pkZsKl7Q==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
45ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 08 Jun 2023 07:40:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 275666
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 r.js Show response
aa.agkn.com/adscores/ 0
462 B 40ms
40ms Script
application/javascript 18.194.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.199.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-199-66.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 0
expires: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 46ms
45ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 321271
expires: 0

GET f
fid.agkn.com/ 0
0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
964 B 224ms
39ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-32.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:13:38 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront), 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
age: 15995
x-amzn-requestid: 8fc37680-0e0d-463c-8a3a-0046471f4608
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: GLgXYE_HiYcFTcQ=
content-length: 555
x-amz-cf-id: LypzTGHDxVUrR2TCIkTsw6PqDTDEOd5HfF7lzThqOGWN1lPhr2X5uA==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 226ms
39ms Script
application/javascript 108.138.36.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding: gzip
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 02:24:05 GMT
last-modified: Wed, 01 Mar 2023 12:13:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 18969
x-amz-server-side-encryption: AES256
etag: W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: eBNg4_XEPFeKEmfuEGH0z2vonJmV4ZUCJEyHjQDJddQ92f_4j2EQAg==

GET
H2 200 %2Fprofile%2Frudy_israel Show response
signal-segments.s-onetag.com/desktop/www.picuki.com/ 1 KB
611 B 223ms
39ms Fetch
application/json 108.138.36.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.picuki.com/%2Fprofile%2Frudy_israel
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-2.muc50.r.cloudfront.net
Software: /
Resource Hash: 7e8032445e68301bb2e3ff634f39a0c42f9f19b8b16a79831067054e6f7720a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:21:36 GMT
content-encoding: gzip
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 40717
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: -qnoMb15-9FcyeiSHITB-0BFtLnlDyLTNFiDf1C6PLQgIPiUlP0fKw==
apigw-requestid: GKkAqg-iiYcEJrQ=

GET
H2 200 www.picuki.com Show response
signal-segments.s-onetag.com/desktop/ 1 KB
601 B 223ms
39ms Fetch
application/json 108.138.36.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.picuki.com
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-2.muc50.r.cloudfront.net
Software: /
Resource Hash: 7e8032445e68301bb2e3ff634f39a0c42f9f19b8b16a79831067054e6f7720a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 01:11:33 GMT
content-encoding: gzip
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 23320
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: v6F6Z1B6YOHuz5SKz0eOR3gSUAPwHanrFzbkjHGMRitm114JF1LRQw==
apigw-requestid: GLOe7hKXiYcEMhw=

OPTIONS
H2 200 init
api.purpleads.io/x/ Frame 0
0 369ms
116ms Preflight 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1686210013024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2 200 init Show response
api.purpleads.io/x/ Frame 3C0E 89 B
320 B 362ms
128ms Fetch
application/json 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1686210013024
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash: 0922db680b6951385301ea921f64357700c286ed20d1a16beaf95ee8486d1b43

Request headers

x-request-url: aHR0cHM6Ly93d3cucGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs
accept-language: de-DE,de;q=0.9
Authorization: Bearer 843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.picuki.com/
x-purpleads-version: 3.0.5

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
etag: W/"59-wf/bp/+Cw03eNhYKAEF8JmndjTw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true
content-length: 89

POST
H/1.1 200
OK tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 116ms
116ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid Show response
prebidserver.pixfuture.com/ Frame 5B2B
Redirect Chain

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

0
489 B

123ms
112ms

Document
text/html

137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: 0
pragma: no-cache
vary: Origin

Redirect headers

cache-control: no-store
content-length: 0
location: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security: max-age=15552000

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 40ms
39ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=SETUPAD_RON_970x250_Prebid_s2s&aid=7356146016655524469660&rev=a083e33&pr=0.11715032191844733&bc=0.372&bmid=5563&biid=7429&sid=66529&brid=556417&adid=&crid=161356219&ts=1686210010&bcud=372&ss=20&caid=0&unid=0&cepos=0&ceid=-1&cb=15163
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11722698&auId=75b266bc-8ba7-4b64-904a-3735784b9a4f&cmExpId=LV3&oAdUnit=11722698&publisherId=250152235&rId=abdfaa95-d3c8-49a1-933d-285cdbbcabcf&...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=01e7f56633f24591b65284b4a0ba47f5&tids=15000&med=10

0
18 B

86ms
85ms

Image
text/plain

2a02:26f0:3500:1b::1724:a398
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=01e7f56633f24591b65284b4a0ba47f5&tids=15000&med=10
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a398 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CFFF7958FD044DC8864553AEEDD2A0F Ref B: FRA31EDGE0707 Ref C: 2023-06-08T07:40:13Z
x-cdn-traceid: 0.98a12417.1686210013.5db9b37
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 08 Jun 2023 07:40:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BACD1226F59487E9A444101361F6414 Ref B: VIEEDGE2315 Ref C: 2023-06-08T07:40:13Z
x-cdn-traceid: 0.98a12417.1686210013.5db9ab8
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=01e7f56633f24591b65284b4a0ba47f5&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H/1.1 200
OK cookie_sync Show response
prebidserver.pixfuture.com/ 742 B
1 KB 113ms
112ms XHR
application/json 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/cookie_sync
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 042cbbbb8a7f99d55043ecb57f1af4750d16ac5363f76a5e2b4c70e1470230b5

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 742
expires: 0

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ 297 B
621 B 233ms
233ms XHR
application/json 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 738c44f3dcedae37e973047211f1c9992695a71e710e433bec10f2d0278d8b4d

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 297
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 41ms
40ms XHR
text/plain 3.73.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.198.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-198-78.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 286 B
2 KB 176ms
175ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221491ac7e3260a71%22%3A%224e0678e42ba7153d83b4%7C%22%2C%221554849f8ade0af%22%3A%22833199e4bd4003904bc3%7C%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&s=c5ddaed8-4b86-4a40-8f78-49d4ae58a62c&pv=c52c6f31-7e46-4b2c-a12d-131f71a0a6e3&vp=desktop&lib_name=prebid&lib_v=6.25.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22content%22%3A%7B%22id%22%3A%225903x1146%22%2C%22url%22%3A%22https%3A%2F%2Fcdn.pixfuture.com%2Fcontent_widget_video%2Fvideo_5903_1146.mp4%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%225903%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22dd440342-4b7d-4c0b-9152-0ed9341d1522%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dd440342-4b7d-4c0b-9152-0ed9341d1522%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=rudy_israel%2Cinstagram%2Cprofile%2Cposts%2Cstories%2Cpicukicom&coppa=0

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

7a2af4d72a651950413c444e8ecc6da7c6558bbadebf7535b079505bdbbe8c73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-115
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.picuki.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 311
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 48ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ 73 B
145 B 52ms
52ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2d4a4b9a-8721-45cf-934a-2af1b2ba0f08%2C2d4a4b9a-8721-45cf-934a-2af1b2ba0f08&nocache=1686210013103&id5id=0&pubcid=dd440342-4b7d-4c0b-9152-0ed9341d1522&schain=1.0%2C1!pixfuture.com%2C5903%2C1%2C%2C%2C&aus=300x250%2C320x50%2C640x480%7C300x250%2C320x50%2C640x480&divids=5903x1146%2C5903x1146&aucs=%2C&auid=542528368%2C540580840&tps=bXlrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29tJm15b3RoZXJrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29t%2CbXlrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29tJm15b3RoZXJrZXl3b3JkPXJ1ZHlfaXNyYWVsLGluc3RhZ3JhbSxwcm9maWxlLHBvc3RzLHN0b3JpZXMscGljdWtpY29t
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 92813fc83e52b2ebc494465b144483d07e7552fc936261292c1ffa977d0118f3

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.picuki.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
343 B 50ms
50ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e1bb5f844aed425ea2db4d5186accd6eff6898152edfe13eca5bc4ada23dfcd

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.picuki.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 07:40:13 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
405 B 152ms
47ms XHR
application/json 52.58.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.4.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-4-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 98a8b7a18e13ec8637b1d3b4b251ab8aa463bb729516edc2dc3fb5f6f5ede91c

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.120.0
content-type: application/json
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 169ms
169ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=15&alt_size_ids=43%2C65&p_pos=atf&rp_schain=1.0,1!pixfuture.com,5903,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=dd440342-4b7d-4c0b-9152-0ed9341d1522%5E1&rf=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&tk_flint=pbjs_lite_v6.25.0-pre&x_source.tid=2d4a4b9a-8721-45cf-934a-2af1b2ba0f08&l_pb_bid_id=27b517749cd712e&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9233076339053863
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 08375cdc46e0a577ddc945eea319f931af6ac662015738956b7e3f6463a08161

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.picuki.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 76ms
76ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 77ms
77ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.picuki.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 260ms
259ms XHR
application/json 2a06:8640:799:0:ec4:7aff:fe6e:a48e
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8e8d1b84d90889ff0de395c4837ca2affef95d29e82b9b0f2253d75bfb20c240

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 794

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
148 B 42ms
42ms XHR
text/plain 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

GET
H/1.1

200
OK

setuid Show response
prebidserver.pixfuture.com/ Frame DA1B
Redirect Chain

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

0
489 B

182ms
113ms

Document
text/html

137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: 0
pragma: no-cache
vary: Origin

Redirect headers

cache-control: no-store
content-length: 0
location: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security: max-age=15552000

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3DF 42 B
404 B 179ms
76ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLvrqzPdiu0Y6gXOhL6VGhn6tTXqHM1Iwq8K6kmbfVerngM80DP8vi4ZKK9mNKcmAme96-2TL9DmMCCJ42jWE0lUrJSM-cDZvH_hwM7CN5lXOVx6v1&sig=Cg0ArKJSzFb4EvmhdJxREAE&id=lidar2&mcvt=1002&p=72,315,322,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230607&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2785966052&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686210011193&rpt=995&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.purpleads.io/x/v2/b/ Frame 3C0E 4 KB
2 KB 350ms
152ms Fetch
application/json 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=0&pid=ca307ec1213448a0a7ea4c6e1522d041&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=7371cd68-d679-4b10-8c99-7053d823db67&ts=1686210013228
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash: 2a8ea770f8f8aaeeef42de4c5382cfa282da181bf50da0724ee08dde94a26f1a

Request headers

x-request-url: aHR0cHM6Ly93d3cucGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs
accept-language: de-DE,de;q=0.9
Authorization: Bearer 843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.picuki.com/
x-purpleads-version: 3.0.5

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: br
pa-user-id: fee7587b-87f1-48d9-b711-e5199e84e7d2
etag: W/"e69-+iwlcJDVwuoptW3O/z5rhUBEBxk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true

OPTIONS
H2 200 /
api.purpleads.io/x/v2/b/ Frame 0
0 201ms
152ms Preflight 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=0&pid=ca307ec1213448a0a7ea4c6e1522d041&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=7371cd68-d679-4b10-8c99-7053d823db67&ts=1686210013228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 637C
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

3 KB
1 KB

43ms
43ms

Document
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: af46bfc9d699a83ae8aeb7257b3f01302776ac050a83339474a5cb78c44f7eda

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Thu, 08 Jun 2023 07:40:13 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 08 Jun 2023 07:40:13 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3C08 261 B
457 B 176ms
79ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNUjPIlKo3Fvjwsuc79yOAVYjjgG3a-vI-CGpMzqfeLYeSthvn_hHr5McPINEkLWGLQZvobSTW1rngc3a-CRV0fal_LGZQSTw3NQmV93ECFnoHp6iNxPSlRdwhrZTOTaPKONC1rzkFtpiNLtMtczY5lXtSjIqLqDwTIBmtH_5U73hWrPbr8

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C97 78 KB
28 KB 180ms
93ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 42 B
63 B 156ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bdqt45s7L6KS9U2UlPPDpx8PMO5PyTclyau5kQqBe9paBaJmSq-4HSXQr2DeujCfNEtbSwU-Qj8L7N2mR-YDfSq9KJ5vHtDV48g7rmj4NWS0fOtsQ

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 0
20 B 156ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2546406033580412154&x=8&ct=76

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d363abfc-2680-406e-9edb-a6f8146e848b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2C97 43 B
227 B 174ms
40ms Image
image/avif 2602:803:c003:200::57
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/d363abfc-2680-406e-9edb-a6f8146e848b?oo=0&accountId=23564&siteId=400550&zoneId=2245168&sizeId=43&e=6A1E40E384DA563BE891063F3F68EA66D77DF7E7BA7B293D202CE004F38B544E55BE925209DEDC2372505CC2413DC4645ABF4BC26238BE18097EC4D891C646EE5201212E06AC63A6028B41E57E026A86BC9995CA8FFF9ED1A37CDD3A0D7550FD1FADC277CD79CD5F7AF3217AC654A7360A946B48E097E6483F1499DD516D246E2605645952F60178B6DFE8E64FD9D57E5886B6535B5B57640BE0F378BD86BB5A6DC3E4741E24FB1D2C8603E315740EF07DF945C6A593AD86CDA10306204D320B

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

POST
H/1.1 200
OK cw_tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 117ms
117ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 56ms
56ms Image
text/plain 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Jun 2023 07:40:13 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame D5AC
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

3 KB
1 KB

42ms
37ms

Document
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: af46bfc9d699a83ae8aeb7257b3f01302776ac050a83339474a5cb78c44f7eda

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Thu, 08 Jun 2023 07:40:13 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 08 Jun 2023 07:40:13 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame 637C 0
187 B 143ms
42ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 637C
Redirect Chain

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=512c8d1a-6218-40f6-b0fd-0f93a0625f6f

42 B
103 B

40ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=512c8d1a-6218-40f6-b0fd-0f93a0625f6f
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Location: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=512c8d1a-6218-40f6-b0fd-0f93a0625f6f
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 lotame20230117.js Show response
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 637C 676 B
575 B 146ms
39ms Script
application/x-javascript 193.3.178.2
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 20:00:05 GMT
server: openresty
etag: W/"63c6fe45-2a4"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 06 Jun 2028 07:40:12 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 637C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

42 B
104 B

138ms
39ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:13 GMT
content-type: image/gif

Redirect headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9d475546-1a77-4e48-a812-d283b3f3303b
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 637C
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

42 B
103 B

39ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 637C 0
498 B 524ms
121ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-29
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 637C 43 B
245 B 156ms
50ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D719ef7d6c453fa93%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

400

um
u-ams03.e-planning.net/ Frame 637C
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

0
0

40ms
37ms

Image
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
date: Thu, 08 Jun 2023 07:40:13 GMT
server: fasthttp
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3BBC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

146ms
46ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:13 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost
server-timing: ak_p; desc="1686210013684_390277187_9868107_92_566_39_0_255";dur=1

GET
H/1.1

200
OK

usermatch Show response
ssum.casalemedia.com/ Frame 11DD
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

2 KB
2 KB

43ms
43ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 4b4aa1d5474097fdf9630085daa177eca372e5cbb48086b20937b6eee37c698d

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1818
Content-Type: text/html
Date: Thu, 08 Jun 2023 07:40:13 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:13 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 2B4D 1 KB
999 B 140ms
39ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 614cd6e6569f05da4958527e8bb7b5fd
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 13FD 0
0 48ms
43ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame EC63 9 KB
2 KB 157ms
57ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e0eee7b1d72692e66abf92dd915509aa6132737cf324f50ed32db0f76042bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c49df86902e-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=510740750058&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=510740750058&version=m202301230201&ct=76&x=8&cor=2546406033580412000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C97 93 KB
37 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfX50in7o-4DJpx4kjK3Ht3k76LhMUEPrji_n8qeDHoMeZNRr2rx6Mxsh_RNxt-d8WYe90Lcde5SfDepF7RKTN57Npe3hPhWNymHpd_JLm6e81F8_H0JxHkBC38cUrVnKcmfcA64X-0QcRwKmd37BqWTIvoV3EOmvtJI6kGygNESuTg5M&dbm_d=AKAmf-BhiN54I83_43RWOEuycdlgWdqHXRBEKxHYenJGTrnCMQQNAClY9UDPEs0yYcMQE1oka4X5DMuw96O4-TNQ_t81lX34ASeEYo8Ep9FrHQyKWdd172iFG7Wn_tw-LP28G8gbsZlG02xqYUNX_ni8p5uE2gWDh1_6eY1kSrT3kYsSS8eYprz4wbePwWWlj5m4TcTr6lVLHyRFtLt8UdTax5vVHewE3M7QCmglQVJL2rGMt4tBIUTDAPBXrWWf9DKj7Lx-61V68orP1JkJtd8J22P_5EAcSY1NIC1e4UMSWv1PGLM6q0CuPBBbIrpS2ADzkSaHiUevjdeSy8z47-8Ksp0t2CzznaV0rEqMKsn0tcbduPOBshzTkTAc9Dz0w9equzf5Xzi6KPYz0dSNQ7TTwJxBqpsUPgxaaguuKDgQ_j8_G2UiACBzmLS5FR1S__V7Nw3JGXAk0Ff9bjRdMo0nktVm-8nznQNECFLiXG5oYWmdQrui2MwhRFHFvDLMo8BFR7m8UkzzdrNhoLYEn50TbZ92ZfpxV4OcQ2ckwTiTEgbeZ3J0U7YGdBw_ehKqO0iNyD2GSCt9y67VH0RnHYH5a6wBH4GwF8edUDaMez8z9IaKCyPRqwK0jr_Rjb_-9XTIdcKs90OOaDu8x2s1n3eZHAdQUCdG4BrL5TCyxcx-KmQTxX6y2N_czYlynH9agfdM6TVnNNa54uy52vzXCY4t-gAG2XXIQKfUJTS6KZCyq8O8TeuOffJpnupJBLg1q3rWofjZ82oAoIS9T1R_nSchXc7iiN4Ymi6pHwHWb-VjfbGEN09PWUDU_UU85UgeSkDTxii8ZToJrP1OUuJxBp5SkqbedTyGqzmqjYmwbFWnFcxCaV0a_MtG5Tion5aR8YsQrZ7U5OMuqAegL9lXmfoGENIBCuZy8avG-sqYUxfAubqLyZ-pN4-L2-Zl1b6kiclpz4crFfMPHIOZB3h7pqjQ_mWAaIQ327SFXU-DWQ-QYj4qXhiVFrNFYNurSQhvVNqrWUB_qWYDtcZIkVzA91yDJqBxr2kxeJ1m5_Ys37L7YcmoVYmZiQifbZ0wFmDt2yCaRk796hJyM-u15js4hd4ZgEVev7OOpDq2ntUcdNRoypwLfJkZ-Q_rXOY67mrCe6dWQAgwazq4U7ukMHe-_h2DG3cpUCGeKt9K532KimitYdi3X6NLNFXY--jME-dUErtOw_MAtvnbWWoHKZPlpG86ovumdCOnElWfaXvTh9Y6CZOlWXf4GyPthRkCiK0o8V6nCnKnidQHl9y4effhG8wHwdhieMXe541R54KKkm8RouGLpzkRUsOVXnCNSepTeCjslxte1AaQBNXU0MsmgBFmkTQjLDZgzgYmaTlD1dDQy-iTO_Su0N-AoOcYWJXrn2q3JtCVRm3o_B6QkasW17tX0qf7mLXCD8lKPcn6iPXiyMr7a7KKR8bEwt7NDHwkANRM76SOsWocc-BBFFLaVBNbnBHrT394qazCVy5hPqIIRkRxt8MJTXm6rSv0AJcehtxwtwfeOfqRVBoJ1CCa724fbHCS_Yt-ISZjZG7FrUISq0T5CuUyJniJD8pZH7Uv8qqwxh2blvpD1iqw8J6zdmRhgj7Os-8U7atCzVznIcXHg7b2UIHSf6qHNNSFiMcpDmlVa9rCPkewqqPdnvOj-Bi_NJVni0nnucOodMhi2WjRtrZ1F_qLyJRq4kTVpQtgp4CX_HB_MWCx6StjtV3rTqTxpLfOWRM1F6ZnkvlnkTnKReKANuuRWDUY31oWd3wvqHigYrtZ9tkYiuTqiNbQ9hRtarfVpzvQ45YC0b5ZgTJqn8IWLaw9z8HG3eGyq0MvqLRTz-jM3w9L2dozLBLWq0fER_yhdwyhFH4ezR9iWuuXnrYbuAibAGFzTkY80rZCZPS7suf45PgPc2n3jD0dOYYJ3I7H02FpzlE6QArIbNA4hmjgW4oz8eXKNTAkdHSLMM_QZJ4pqUB5IvB5ATV5p1XF6TE340a-h0OLSPSUBvhXmihmO6KoXyEBAFxM-q0Dea5WIuYB3OYj0cInd0bHLESVs0QV4ETlAYox8FQm2VJYEFQyYPCgZ5wriL3GJRmq805FVW1Y8UVSeorxY6SYgLyFUkNmEdMyDdmdYosNaEj6uuI-C-WKz5eKIaG1tJ5xaxkKV3OINXHtshqywAfJynsTLpGIrTb2p2e0vAVKw-nEEnap0xdHwTd1Hr3MGqjLoI2NWiOzxJuBG1etsaCKt7Px6a4qsZcVmKDIYo_nO6jca1bdh9zmWspJaqNDP7mQygIsrtpbGDQxlHdS7wwmKC_1zgR6Gpbcum93MTSKAJfus4FbIKI9GBdAJoGOFvhXQiKSVjYhwN9SdhqbNAZC6tAtBuRINwoXUHkGDVJqCGuvU8BZO5nlRNOlcmvYOlNjIjiE_2h2bs_K_dPzRaWWJvV8Ih_TBXtzR5aQKgSYiGB4ZSP2hdLOUNf3F8uA_NvcajrVhWUNL-AvHQbyB3W2w2sEUS3aocA1-j2zoFf4bAvSucovK8AVm6zw0m1rKW4K3UP64F9BObPZ-wCpFI6aIiSR8sMUSKB-6QeFgprr-dFzJLBmHPQB7JADA1lXxCLrrLK49xeFd8gGn4G4TxZURXhkyeCTDD9D0DeTLFeZvbViP9-b2T9tqTQYDU05InGGLG3LH7pn58DcoN5EA1DRDPy0mZkatdNFeCVvbd62d32CKy-Y7tdW_EwUbOjSRE6c_daiFh7_e7tHcFT7UCChjXtkAtDSzUTII8CoYl7aqcfftqXCRbgjIc_fvRfUvYM6lpjKMlrHPHzn4_aRu4LiIEhrQmPq620rZiwsm3eoheAkvUn6LAKPAvPiONdaLCzAVHNczjedaQSkP3rX8abLZ_diwSzbsk23A7bVnWdjt0MQB5tPt6ijvZDpaWkypjHSRKC__PFr5Mu1cRXkE2fHqh3SsQK_p3W0-bo0OPq4FXm_QFaNQfBikBk-jjjPQ_RJ_gai5EggBg-3Rbh7aqRN5FjNs12lJfxtxWhaOXQb7Pzh5iq0aE3lAMo3EXWoUkiLBkj8IS5wZ7PtUn1g1yW3TgA8FPc6NJuXd0cfqXANnVdRsq8dpIwYUXjO-x0BUed-niVwJ1FdEOMR-8ilLwiOX6Kiks6-augd66S-FBR68waEleUZsO6xFq-KTEqQ6jk-3zFAuaps2kzczSRyTlT0qmInFTykgZ2o5sGk4L4lmz785Gmd2iQR2cwxz1YXw8opF7DK-kVTPJh3J4vaG4sP438wiTUBQF4UrbUuaw0BTFlyq8yI5JxpUyg0nJNm2nYOySGWXYxygrEv0IvpvMdDclC6aoP5FI3-XhjUBca-IPU1U8foAZPAWmutvQEjffjoHO6EVSDzGy5M&pr=8%3AD73E50BD9878A329&cid=CAQSMgBygQiDovgQTslmFd8N_IrejDiw2CNNfOjntqZ7rKJbbw7v99Gk_F0mtGBhGuElPPOPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&ds=l&xdt=0&iif=1&cor=2546406033580412000&adk=228305431&idt=221&cac=0&dtd=56

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b52a8fbe42adbf76a7913564e0ed4591fd6352c4fb356c0040c80125b0dfb5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37978
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame D5AC 0
187 B 60ms
42ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D5AC
Redirect Chain

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=23203a34-96d5-4928-aeba-f249f1859c57

42 B
103 B

52ms
42ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=23203a34-96d5-4928-aeba-f249f1859c57
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Location: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=23203a34-96d5-4928-aeba-f249f1859c57
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 lotame20230117.js Show response
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame D5AC 676 B
574 B 61ms
40ms Script
application/x-javascript 193.3.178.2
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 20:00:05 GMT
server: openresty
etag: W/"63c6fe45-2a4"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 06 Jun 2028 07:40:12 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D5AC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

42 B
103 B

84ms
39ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:13 GMT
content-type: image/gif

Redirect headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 53d8555f-3a61-432c-8592-a89ea594e34b
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D5AC
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

42 B
103 B

39ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame D5AC 0
498 B 511ms
127ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-38
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame D5AC 43 B
103 B 72ms
50ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D719ef7d6c453fa93%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

400

um
u-ams03.e-planning.net/ Frame D5AC
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

0
0

40ms
38ms

Image
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
date: Thu, 08 Jun 2023 07:40:13 GMT
server: fasthttp
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 87C5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

134ms
43ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:13 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost
server-timing: ak_p; desc="1686210013728_390277187_9868108_21_774_39_44_255";dur=1

GET
H/1.1

200
OK

usermatch Show response
ssum.casalemedia.com/ Frame 01D9
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

2 KB
2 KB

43ms
43ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 216f533805929fff10f7f5a77658ffc3d27e400be31f4aced7c6f40b427ccdaa

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1678
Content-Type: text/html
Date: Thu, 08 Jun 2023 07:40:13 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:13 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 8388 1 KB
997 B 54ms
39ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 0223e7c2a2065a152f98a680e47236a8
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 1460 0
0 40ms
40ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 0DA3 9 KB
2 KB 68ms
55ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd22e5f82e8b3af4ce795195e8bd906dcf46345292aa2e9e2e8a9e175d2d048f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c49df87902e-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 3C08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOSSwkB0MaqtCb1D0iD3E4Y&google_cver=1

0
400 B

165ms
61ms

Image
text/plain

2.17.187.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOSSwkB0MaqtCb1D0iD3E4Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNUjPIlKo3Fvjwsuc79yOAVYjjgG3a-vI-CGpMzqfeLYeSthvn_hHr5McPINEkLWGLQZvobSTW1rngc3a-CRV0fal_LGZQSTw3NQmV93ECFnoHp6iNxPSlRdwhrZTOTaPKONC1rzkFtpiNLtMtczY5lXtSjIqLqDwTIBmtH_5U73hWrPbr8
Protocol: HTTP/1.1
Server: 2.17.187.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 07 Jun 2023 07:40:13 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOSSwkB0MaqtCb1D0iD3E4Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 3C08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESELAcz9oiUtr4S4jvJ0n8Ibg&google_cver=1&adform_v=1

43 B
163 B

134ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESELAcz9oiUtr4S4jvJ0n8Ibg&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNUjPIlKo3Fvjwsuc79yOAVYjjgG3a-vI-CGpMzqfeLYeSthvn_hHr5McPINEkLWGLQZvobSTW1rngc3a-CRV0fal_LGZQSTw3NQmV93ECFnoHp6iNxPSlRdwhrZTOTaPKONC1rzkFtpiNLtMtczY5lXtSjIqLqDwTIBmtH_5U73hWrPbr8
Protocol: H2
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESELAcz9oiUtr4S4jvJ0n8Ibg&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 0548 4 KB
2 KB 198ms
57ms Document
text/html 52.51.107.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.107.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-107-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cb617b10a79ec4d66602780648c21213134061f0706dbc683c09c56e1fce21b6

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 08 Jun 2023 07:40:13 GMT
etag: W/"0693bcd30bd164bb077e37204535fe699"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame F16C 37 B
139 B 40ms
40ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A560 16 KB
6 KB 150ms
48ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59533
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK setuid Show response
prebidserver.pixfuture.com/ Frame 5602 0
597 B 122ms
116ms Document
text/html 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AIOxlFouGHXuimNR
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: 0
pragma: no-cache
vary: Origin

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame C792 4 KB
2 KB 190ms
57ms Document
text/html 52.51.107.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.107.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-107-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eed718871adc30ae0f77245540b4d10df97057e100f18a88e46cd6bc3ece060b

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 08 Jun 2023 07:40:13 GMT
etag: W/"09009f0724702132d230f4154e9ded048"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D1FD 37 B
139 B 43ms
40ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6DD5 16 KB
6 KB 135ms
42ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59533
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK setuid Show response
prebidserver.pixfuture.com/ Frame 86AA 0
597 B 115ms
114ms Document
text/html 137.184.242.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AIOxlFouGHXuimNR
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: 0
pragma: no-cache
vary: Origin

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 0DA3 0
0 115ms
114ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0DA3 170 B
243 B 75ms
49ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698...

95 B
154 B

61ms
51ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4c79cb902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 0DA3 0
454 B 152ms
40ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0DA3 70 B
264 B 66ms
58ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 0DA3 0
54 B 157ms
48ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1686210014.935515,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-ams21020-AMS

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 0DA3 0
411 B 573ms
138ms Image
text/html 2600:1f16:e61:3f02:8513:7dd7:332b:6625
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f02:8513:7dd7:332b:6625 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0DA3 0
166 B 155ms
47ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 08 Jun 2023 07:40:13 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 404 genericusersync.ashx
sync.tidaltv.com/ Frame 0DA3 0
67 B 188ms
53ms Image
text/plain 2a05:d018:24:b001:3bf0:9c53:4cdb:1436
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:24:b001:3bf0:9c53:4cdb:1436 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-...

95 B
154 B

55ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4ddb2e902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v048-022f9ea75.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6kdPyI6kTEg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 0DA3 0
324 B 209ms
40ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=6ba0c5d9-c240-4ffd-510b-0571de52e190&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-...
https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-39543-0.057896001686210014-34a3a090514ef5cf2ce0a030db54e22e&zdid=533&env=mWeb

95 B
154 B

52ms
51ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-39543-0.057896001686210014-34a3a090514ef5cf2ce0a030db54e22e&zdid=533&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4cca24902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-39543-0.057896001686210014-34a3a090514ef5cf2ce0a030db54e22e&zdid=533&env=mWeb
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7242216864319404177&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-...

95 B
154 B

65ms
65ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7242216864319404177&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4c99ec902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7242216864319404177&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 0DA3
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190

95 B
435 B

52ms
52ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 08 Jun 2023 07:40:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6ba0c5d9-c240-4ffd-510b-0571de52e190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6ba0c5d9-c240-4ffd-510b-0571de52e190&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6ba0c5d9-c240-4ffd-510b-0571de52e190&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-46...

95 B
154 B

64ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b93902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
last-modified: Thu, 08 Jun 2023 07:40:14 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 0DA3 0
15 B 156ms
43ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6ba0c5d9-c240-4ffd-510b-0571de52e190?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

95 B
154 B

61ms
57ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4ad893902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
cache-control: no-cache
x-server: 10.45.30.56
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

95 B
154 B

51ms
49ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4f2c68902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

95 B
154 B

63ms
61ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4aa86e902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 0DA3 42 B
103 B 140ms
50ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=6ba0c5d9-c240-4ffd-510b-0571de52e190&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0DA3 0
337 B 192ms
56ms Image
text/plain 52.211.158.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.158.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-158-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1686210014
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0DA3 95 B
378 B 188ms
43ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/png
date: Thu, 08 Jun 2023 07:40:13 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 0DA3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
148 B

40ms
40ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361&_test=ZIGF3gAQJeglywAp
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 449
x-timer: S1686210014.391917,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 1755

Redirect headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686210014.136911,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba0c5d9-c240-4ffd-510b-0571de52e190%26reqId%3Dc47aa08c-9212-4698-65a7-5ec66f6dc2a1%26zdid%3D1361&_test=ZIGF3gAQJeglywAp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=48866481-85de-4f00-8fe9-3444e552210b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08...

95 B
154 B

76ms
52ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=48866481-85de-4f00-8fe9-3444e552210b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b90902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: MT3 933 7933424 master cdg-pixel-x27 config_version:"3862"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?cid=48866481-85de-4f00-8fe9-3444e552210b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0DA3
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6d...

0
336 B

53ms
53ms

Image
text/plain

52.211.158.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.211.158.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-158-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1686210014
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
date: Thu, 08 Jun 2023 07:40:14 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0DA3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510...

43 B
568 B

109ms
56ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YPW4AQX6H0X75G4N8TDT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DM9C31CYYG599TVTTCGP
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6ba0c5d9-c240-4ffd-510b-0571de52e190&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 0DA3 0
209 B 358ms
204ms Image
text/plain 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=6ba0c5d9-c240-4ffd-510b-0571de52e190&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
server-timing: ak_p; desc="1686210014389_34901814_80803622_16482_513_38_0_146";dur=1
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6ba...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&puid=b4ae...

95 B
154 B

64ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&puid=b4ae8750-05cf-11ee-8f69-d1554a111ef4

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b95902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361&puid=b4ae8750-05cf-11ee-8f69-d1554a111ef4
date: Thu, 08 Jun 2023 07:40:14 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=6ba0c5d9-c240-4ffd-510b-0571de52e190&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52...
https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

95 B
154 B

52ms
52ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4f4c88902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0DA3
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=6ba0c5d9-c240-4ffd-510b-0571de52e190&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c24...

95 B
154 B

58ms
58ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4aa870902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 0DA3 95 B
154 B 52ms
50ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4dfb47902e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 0DA3 557 B
472 B 59ms
54ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

060c711223dd19b13b57e28968bcd6de991e69edf48b2463f991709089e2bdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4a681c902e-FRA
access-control-allow-headers: *

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame EC63 0
0 128ms
47ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame EC63 170 B
232 B 69ms
51ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45...

95 B
154 B

62ms
53ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4c79cc902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=23792f1e-5155-4657-8295-3ca526e3c4a5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame EC63 0
453 B 148ms
40ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EC63 70 B
264 B 64ms
59ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame EC63 0
161 B 153ms
48ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1686210014.935500,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-ams21020-AMS

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame EC63 0
411 B 567ms
136ms Image
text/html 2600:1f16:e61:3f02:8513:7dd7:332b:6625
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f02:8513:7dd7:332b:6625 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EC63 0
41 B 152ms
47ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 08 Jun 2023 07:40:12 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 404 genericusersync.ashx
sync.tidaltv.com/ Frame EC63 0
66 B 185ms
53ms Image
text/plain 2a05:d018:24:b001:3bf0:9c53:4cdb:1436
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:24:b001:3bf0:9c53:4cdb:1436 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-...

95 B
204 B

51ms
50ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4deb43902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7h5gi++ASrA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=35334879380354041431483445415835073194&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame EC63 0
324 B 206ms
40ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-...
https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-14468-0.064534001686210014-d74a102689b7fbcd5705c0f79940faac&zdid=533&env=mWeb

95 B
154 B

55ms
52ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-14468-0.064534001686210014-d74a102689b7fbcd5705c0f79940faac&zdid=533&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4d2a84902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2023060809-14468-0.064534001686210014-d74a102689b7fbcd5705c0f79940faac&zdid=533&env=mWeb
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7242216864319142038&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-...

95 B
154 B

58ms
57ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7242216864319142038&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4c99ed902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7242216864319142038&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame EC63
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c

95 B
123 B

59ms
58ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 08 Jun 2023 07:40:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b...

95 B
154 B

62ms
53ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b92902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
last-modified: Thu, 08 Jun 2023 07:40:14 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=XJB9knKKbp31WLxb/3fHmu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame EC63 0
84 B 155ms
42ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

95 B
154 B

58ms
54ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4ad895902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
cache-control: no-cache
x-server: 10.45.17.139
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

95 B
154 B

52ms
50ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4f2c67902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-_ggifLRE2ooLNzuePGuvqhWA5QYGaa1u_Q--~A&zpartnerid=570&env=mWeb
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

95 B
165 B

52ms
52ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4aa871902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE6t8U4SkgrjyOgNvnDfRZEg%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame EC63 42 B
213 B 139ms
49ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame EC63 0
336 B 192ms
57ms Image
text/plain 52.211.158.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.158.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-158-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1686210014
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame EC63 95 B
379 B 189ms
44ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/png
date: Thu, 08 Jun 2023 07:40:13 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame EC63
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
148 B

39ms
39ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361&_test=ZIGF3gAQHgeLVQBL
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 449
x-timer: S1686210014.391800,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 1754

Redirect headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686210014.136830,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a64fcc-6cfc-4445-7207-8c3d4a87e46c%26reqId%3Dd1750281-8e96-4b45-64fd-e93f08f1e1c8%26zdid%3D1361&_test=ZIGF3gAQHgeLVQBL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=7e3b6481-85de-4000-a8c2-91825592050f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d175028...

95 B
154 B

88ms
62ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7e3b6481-85de-4000-a8c2-91825592050f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b8e902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: MT3 933 7933424 master cdg-pixel-x32 config_version:"3862"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?cid=7e3b6481-85de-4000-a8c2-91825592050f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame EC63
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1...

0
336 B

53ms
53ms

Image
text/plain

52.211.158.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.211.158.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-158-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1686210014
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
date: Thu, 08 Jun 2023 07:40:14 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame EC63
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-720...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-720...

43 B
568 B

75ms
56ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HPZV3M4KJ1NSAVZ7FJYD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3T5J5Y9H7H6HP3GX5Z6W
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame EC63 0
210 B 373ms
213ms Image
text/plain 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
server-timing: ak_p; desc="1686210014336_34901814_80803621_17378_542_38_52_146";dur=1
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&puid=b4b7...

95 B
154 B

54ms
54ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&puid=b4b739e0-05cf-11ee-bd02-e17d6f4cfdd2

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e8bd3902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361&puid=b4b739e0-05cf-11ee-bd02-e17d6f4cfdd2
date: Thu, 08 Jun 2023 07:40:14 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87...
https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

95 B
154 B

62ms
62ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4f4c89902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LIMTWKIL-5-GIAW&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EC63
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cf...

95 B
154 B

53ms
53ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4aa872902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame EC63 95 B
154 B 68ms
65ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4d8ae5902e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame EC63 557 B
417 B 59ms
56ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a66c87f217ace1676cc9bddaf809ffdc65f4accb691270d4a8c85c942fd9c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4a6820902e-FRA
access-control-allow-headers: *

GET
H2 200 prebid-2023-06-05.js Show response
cdn.prplads.com/ Frame 60F1 355 KB
108 KB 61ms
61ms Script
application/javascript 2606:4700:20::681a:333
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/prebid-2023-06-05.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786f73b07a61952916f4cc4feefbb108ab7e32e42476f6a408b2c5c6358e4817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZADJRX9DNR6CMVWN
age: 158132
cf-polished: origSize=364170
x-amz-id-2: cLLty7+HxcM2luWdlJ24f+ZuwOH/sxeMmHyByrYVYbY5DvNKElU2G9jVgW8NKNkx33SctPYHvGU=
cf-bgj: minify
last-modified: Mon, 05 Jun 2023 08:30:34 GMT
server: cloudflare
etag: W/"5fad26f4cbacfe017e7cf18b74994571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG3OG8NeVf5Odvt%2BzmngYVkdq3mXNuPZ4PSX%2BujuukY0%2FWcYe0dWw6JeMPNAmZsO7%2FdswIef6dlUM2Iuf%2FNgg66TNIb4GoqYvST%2BBAWlgNbCj%2BoFxNReMvk6OXzjE5FmtnktoWZzVn%2BeCNhilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7d3f7c4a79416997-FRA

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2C97 170 KB
59 KB 133ms
43ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Origin: https://www.picuki.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230606/r20110914/elements/html/ Frame 2C97 11 KB
4 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230606/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfX50in7o-4DJpx4kjK3Ht3k76LhMUEPrji_n8qeDHoMeZNRr2rx6Mxsh_RNxt-d8WYe90Lcde5SfDepF7RKTN57Npe3hPhWNymHpd_JLm6e81F8_H0JxHkBC38cUrVnKcmfcA64X-0QcRwKmd37BqWTIvoV3EOmvtJI6kGygNESuTg5M&dbm_d=AKAmf-BhiN54I83_43RWOEuycdlgWdqHXRBEKxHYenJGTrnCMQQNAClY9UDPEs0yYcMQE1oka4X5DMuw96O4-TNQ_t81lX34ASeEYo8Ep9FrHQyKWdd172iFG7Wn_tw-LP28G8gbsZlG02xqYUNX_ni8p5uE2gWDh1_6eY1kSrT3kYsSS8eYprz4wbePwWWlj5m4TcTr6lVLHyRFtLt8UdTax5vVHewE3M7QCmglQVJL2rGMt4tBIUTDAPBXrWWf9DKj7Lx-61V68orP1JkJtd8J22P_5EAcSY1NIC1e4UMSWv1PGLM6q0CuPBBbIrpS2ADzkSaHiUevjdeSy8z47-8Ksp0t2CzznaV0rEqMKsn0tcbduPOBshzTkTAc9Dz0w9equzf5Xzi6KPYz0dSNQ7TTwJxBqpsUPgxaaguuKDgQ_j8_G2UiACBzmLS5FR1S__V7Nw3JGXAk0Ff9bjRdMo0nktVm-8nznQNECFLiXG5oYWmdQrui2MwhRFHFvDLMo8BFR7m8UkzzdrNhoLYEn50TbZ92ZfpxV4OcQ2ckwTiTEgbeZ3J0U7YGdBw_ehKqO0iNyD2GSCt9y67VH0RnHYH5a6wBH4GwF8edUDaMez8z9IaKCyPRqwK0jr_Rjb_-9XTIdcKs90OOaDu8x2s1n3eZHAdQUCdG4BrL5TCyxcx-KmQTxX6y2N_czYlynH9agfdM6TVnNNa54uy52vzXCY4t-gAG2XXIQKfUJTS6KZCyq8O8TeuOffJpnupJBLg1q3rWofjZ82oAoIS9T1R_nSchXc7iiN4Ymi6pHwHWb-VjfbGEN09PWUDU_UU85UgeSkDTxii8ZToJrP1OUuJxBp5SkqbedTyGqzmqjYmwbFWnFcxCaV0a_MtG5Tion5aR8YsQrZ7U5OMuqAegL9lXmfoGENIBCuZy8avG-sqYUxfAubqLyZ-pN4-L2-Zl1b6kiclpz4crFfMPHIOZB3h7pqjQ_mWAaIQ327SFXU-DWQ-QYj4qXhiVFrNFYNurSQhvVNqrWUB_qWYDtcZIkVzA91yDJqBxr2kxeJ1m5_Ys37L7YcmoVYmZiQifbZ0wFmDt2yCaRk796hJyM-u15js4hd4ZgEVev7OOpDq2ntUcdNRoypwLfJkZ-Q_rXOY67mrCe6dWQAgwazq4U7ukMHe-_h2DG3cpUCGeKt9K532KimitYdi3X6NLNFXY--jME-dUErtOw_MAtvnbWWoHKZPlpG86ovumdCOnElWfaXvTh9Y6CZOlWXf4GyPthRkCiK0o8V6nCnKnidQHl9y4effhG8wHwdhieMXe541R54KKkm8RouGLpzkRUsOVXnCNSepTeCjslxte1AaQBNXU0MsmgBFmkTQjLDZgzgYmaTlD1dDQy-iTO_Su0N-AoOcYWJXrn2q3JtCVRm3o_B6QkasW17tX0qf7mLXCD8lKPcn6iPXiyMr7a7KKR8bEwt7NDHwkANRM76SOsWocc-BBFFLaVBNbnBHrT394qazCVy5hPqIIRkRxt8MJTXm6rSv0AJcehtxwtwfeOfqRVBoJ1CCa724fbHCS_Yt-ISZjZG7FrUISq0T5CuUyJniJD8pZH7Uv8qqwxh2blvpD1iqw8J6zdmRhgj7Os-8U7atCzVznIcXHg7b2UIHSf6qHNNSFiMcpDmlVa9rCPkewqqPdnvOj-Bi_NJVni0nnucOodMhi2WjRtrZ1F_qLyJRq4kTVpQtgp4CX_HB_MWCx6StjtV3rTqTxpLfOWRM1F6ZnkvlnkTnKReKANuuRWDUY31oWd3wvqHigYrtZ9tkYiuTqiNbQ9hRtarfVpzvQ45YC0b5ZgTJqn8IWLaw9z8HG3eGyq0MvqLRTz-jM3w9L2dozLBLWq0fER_yhdwyhFH4ezR9iWuuXnrYbuAibAGFzTkY80rZCZPS7suf45PgPc2n3jD0dOYYJ3I7H02FpzlE6QArIbNA4hmjgW4oz8eXKNTAkdHSLMM_QZJ4pqUB5IvB5ATV5p1XF6TE340a-h0OLSPSUBvhXmihmO6KoXyEBAFxM-q0Dea5WIuYB3OYj0cInd0bHLESVs0QV4ETlAYox8FQm2VJYEFQyYPCgZ5wriL3GJRmq805FVW1Y8UVSeorxY6SYgLyFUkNmEdMyDdmdYosNaEj6uuI-C-WKz5eKIaG1tJ5xaxkKV3OINXHtshqywAfJynsTLpGIrTb2p2e0vAVKw-nEEnap0xdHwTd1Hr3MGqjLoI2NWiOzxJuBG1etsaCKt7Px6a4qsZcVmKDIYo_nO6jca1bdh9zmWspJaqNDP7mQygIsrtpbGDQxlHdS7wwmKC_1zgR6Gpbcum93MTSKAJfus4FbIKI9GBdAJoGOFvhXQiKSVjYhwN9SdhqbNAZC6tAtBuRINwoXUHkGDVJqCGuvU8BZO5nlRNOlcmvYOlNjIjiE_2h2bs_K_dPzRaWWJvV8Ih_TBXtzR5aQKgSYiGB4ZSP2hdLOUNf3F8uA_NvcajrVhWUNL-AvHQbyB3W2w2sEUS3aocA1-j2zoFf4bAvSucovK8AVm6zw0m1rKW4K3UP64F9BObPZ-wCpFI6aIiSR8sMUSKB-6QeFgprr-dFzJLBmHPQB7JADA1lXxCLrrLK49xeFd8gGn4G4TxZURXhkyeCTDD9D0DeTLFeZvbViP9-b2T9tqTQYDU05InGGLG3LH7pn58DcoN5EA1DRDPy0mZkatdNFeCVvbd62d32CKy-Y7tdW_EwUbOjSRE6c_daiFh7_e7tHcFT7UCChjXtkAtDSzUTII8CoYl7aqcfftqXCRbgjIc_fvRfUvYM6lpjKMlrHPHzn4_aRu4LiIEhrQmPq620rZiwsm3eoheAkvUn6LAKPAvPiONdaLCzAVHNczjedaQSkP3rX8abLZ_diwSzbsk23A7bVnWdjt0MQB5tPt6ijvZDpaWkypjHSRKC__PFr5Mu1cRXkE2fHqh3SsQK_p3W0-bo0OPq4FXm_QFaNQfBikBk-jjjPQ_RJ_gai5EggBg-3Rbh7aqRN5FjNs12lJfxtxWhaOXQb7Pzh5iq0aE3lAMo3EXWoUkiLBkj8IS5wZ7PtUn1g1yW3TgA8FPc6NJuXd0cfqXANnVdRsq8dpIwYUXjO-x0BUed-niVwJ1FdEOMR-8ilLwiOX6Kiks6-augd66S-FBR68waEleUZsO6xFq-KTEqQ6jk-3zFAuaps2kzczSRyTlT0qmInFTykgZ2o5sGk4L4lmz785Gmd2iQR2cwxz1YXw8opF7DK-kVTPJh3J4vaG4sP438wiTUBQF4UrbUuaw0BTFlyq8yI5JxpUyg0nJNm2nYOySGWXYxygrEv0IvpvMdDclC6aoP5FI3-XhjUBca-IPU1U8foAZPAWmutvQEjffjoHO6EVSDzGy5M&pr=8%3AD73E50BD9878A329&cid=CAQSMgBygQiDovgQTslmFd8N_IrejDiw2CNNfOjntqZ7rKJbbw7v99Gk_F0mtGBhGuElPPOPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel&ds=l&xdt=0&iif=1&cor=2546406033580412000&adk=228305431&idt=221&cac=0&dtd=56

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 22:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 22:39:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230606/r20110914/ Frame 2C97 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230606/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb2e82355927b12155d9455aa6b5cca86252379428cd8cde028a282bee334e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 23:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 3370048937579134139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:06:05 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C97 41 KB
15 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1D57 281 B
554 B 95ms
42ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 11DD 70 B
264 B 59ms
58ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 11DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG6YoXu1aA3osC12s57wpwg&google_cver=1

43 B
632 B

131ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG6YoXu1aA3osC12s57wpwg&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG6YoXu1aA3osC12s57wpwg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 11DD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

218ms
138ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A557J99FKYD65QXR30EN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RC80TWE96NDP0YE94FR7
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 11DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIGF3crsBtBhjTc7KJhXoQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENyt3hOOk6kuIc5y0DQ_IcI&google_cver=1

43 B
632 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENyt3hOOk6kuIc5y0DQ_IcI&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENyt3hOOk6kuIc5y0DQ_IcI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 11DD
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=352&user_id=34a20656-135b-472d-a6d1-d1724b320c30&expires=15&ssp=index&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

43 B
632 B

95ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 11DD 0
75 B 199ms
50ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 11DD
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAA%261188&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8434d907-ece8-4b8b-b5d0-e37cf5319b13-tuctb7b0b5e

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8434d907-ece8-4b8b-b5d0-e37cf5319b13-tuctb7b0b5e
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8434d907-ece8-4b8b-b5d0-e37cf5319b13-tuctb7b0b5e
date: Thu, 08 Jun 2023 07:40:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41369

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 11DD
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D998252CA44F4710BFAB481463D50A6D

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D998252CA44F4710BFAB481463D50A6D
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D998252CA44F4710BFAB481463D50A6D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 07 Jun 2023 07:40:14 GMT

GET
H2 200 um
u-ams03.e-planning.net/ Frame 11DD 42 B
103 B 42ms
41ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=719ef7d6c453fa93&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:13 GMT
content-type: image/gif

GET
H2 200 ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 01D9 43 B
603 B 186ms
58ms Image
image/gif 2a05:d018:d29:3602:51a:42ee:38f7:77d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:51a:42ee:38f7:77d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 01D9
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

43 B
632 B

105ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e0bdd2e6-6c8b-4486-abd8-dfec2c369e22
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 01D9 43 B
433 B 240ms
56ms Image
image/gif 54.228.73.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.73.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-73-172.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 01D9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZIGF3gAQGejc6AAn

85 B
159 B

55ms
38ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZIGF3gAQGejc6AAn
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 449
x-timer: S1686210014.322011,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 1753

Redirect headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686210014.028774,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZIGF3gAQGejc6AAn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 01D9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

159ms
140ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HCZ19CQBHYA0YGCBDPXV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QMB3233739QZ1YKVWA2B
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 01D9
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1686296414

43 B
632 B

67ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1686296414
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1686296414
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 01D9
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=882165fd-8124-4f91-82f3-530e3c4e40ee&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

43 B
632 B

126ms
45ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 01D9
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458

43 B
632 B

136ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 65e75815-ce8c-4a14-be9c-18d427d13498
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 um
u-ams03.e-planning.net/ Frame 01D9 42 B
103 B 47ms
39ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=719ef7d6c453fa93&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:13 GMT
content-type: image/gif

GET
H2 204 d
ic.tynt.com/r/ Frame 6E7A 0
0 413ms
132ms Document
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0D13 16 KB
6 KB 43ms
42ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59533
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame D052 0
0 44ms
44ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 54EE 21 KB
8 KB 167ms
63ms Document
text/html 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5fd8e81509e59424298dd90d6dfc891b594b87a0b7681ceed3ba349b9def753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7972
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Sat, 10 Jun 2023 07:40:14 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 463F 2 KB
1 KB 155ms
48ms Document
text/html 2a0c:5c81:5145::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5145::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7dda27a21d2cab5ef52a86f04ce507219dda8ab16bf52f19de0000673f9e5055

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.picuki.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 961
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 269B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458

43 B
456 B

450ms
113ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 9a46f4fe4eee4abd
Server: Adtelligent

Redirect headers

AN-X-Request-Uuid: 7d19c830-b36e-4deb-8284-a639994f50cc
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.4
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 / Show response
ads.us.e-planning.net/uspd/1/ Frame 27B9 3 KB
1 KB 42ms
42ms Document
text/html 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 8672124d47e1720f56e9506adb80f75e880024eef8eeff01af426aa0d44f6b56

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Thu, 08 Jun 2023 07:40:13 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E454 0
80 B 69ms
48ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame A0C2 43 B
320 B 470ms
112ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 9a46f4fe4eee4abd
Server: Adtelligent

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 78F8 281 B
554 B 54ms
41ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame CF2C 2 KB
1 KB 216ms
85ms Document
text/html 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7e76c98088b3e894f10637cf75b895990311ef9243ddd9804f067b54f72369b9

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.picuki.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 963
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BFAB 16 KB
6 KB 55ms
45ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59533
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 cookie Show response
cm.adform.net/ Frame A0C1 43 B
105 B 101ms
40ms Document
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:13 GMT
server: nginx

GET
H/1.1 200
OK 7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 47 B
47 B 241ms
58ms Image
text/javascript 67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3CTCS0XCZ3TQBQWQP432
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 47

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=309d29a5-dbf4-4b1f-ae51-a2916d257dd7&ssp=themediagrid&expires=30&user_group=5&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea

43 B
145 B

40ms
40ms

Image
image/gif

3.124.103.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=4&user_id=309d29a5-dbf4-4b1f-ae51-a2916d257dd7&ssp=themediagrid&expires=30&user_group=5&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Server: 3.124.103.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-103-237.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=4&user_id=309d29a5-dbf4-4b1f-ae51-a2916d257dd7&ssp=themediagrid&expires=30&user_group=5&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDgyMjFhMzUtNTI2NS00Y2YxLTk2NjgtYzdiNTRlZTAwZDk3
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

49 B
533 B

294ms
132ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-80
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 87C5 34 KB
10 KB 48ms
40ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24515
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3BBC 34 KB
10 KB 56ms
43ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24515
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1D57 34 KB
10 KB 53ms
41ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24515
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6DD5 5 KB
6 KB 49ms
48ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47683702&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1c88e9455f9cdeafe92705e42599b0e9acb1470f8a442b0947c784d99cacf9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 07:40:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame 27B9 0
187 B 44ms
42ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 27B9
Redirect Chain

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736

42 B
103 B

40ms
39ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Location: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=719ef7d6c453fa93&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 lotame20230117.js Show response
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 27B9 676 B
574 B 41ms
39ms Script
application/x-javascript 193.3.178.2
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 20:00:05 GMT
server: openresty
etag: W/"63c6fe45-2a4"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 06 Jun 2028 07:40:13 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 27B9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D719ef7d6c453fa93%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458

42 B
103 B

41ms
40ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bb727705-3fdb-460f-b6d8-0203d74eea03
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=719ef7d6c453fa93&uid=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 27B9
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D719ef7d6c453fa93%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

42 B
103 B

40ms
39ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=719ef7d6c453fa93&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 27B9 0
498 B 364ms
129ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D719ef7d6c453fa93%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-19
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 27B9 43 B
103 B 49ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D719ef7d6c453fa93%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

400

um
u-ams03.e-planning.net/ Frame 27B9
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93

0
0

39ms
38ms

Image
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93
date: Thu, 08 Jun 2023 07:40:14 GMT
server: fasthttp
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 78F8 34 KB
10 KB 48ms
47ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24515
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8EB5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

45ms
42ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:13 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost
server-timing: ak_p; desc="1686210013998_390277187_9868490_17_756_38_0_255";dur=1

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame 1868 2 KB
2 KB 45ms
45ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2426b4723bc4904e04c6b253da5bd3096f6d2e294b4999ad22c7bbbef0e85591

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1786
Content-Type: text/html
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame C747 1 KB
998 B 43ms
43ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 0d84e29fc53b948e2f82b14d1944a713
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 5AF9 0
0 47ms
46ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 958F 760 B
825 B 57ms
57ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d8d6834b3b0c9f8cfaeed2b4f304254ab61a46240612a18bd5eb120c25b8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c4b8922902e-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 60F1 2 KB
1 KB 40ms
40ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230608

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d878317c914e200c9207ada2120a4ba768e1ff623ffbb1f3285e40e8bc427af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 07:40:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13161
x-jsd-version: 1.0.1714
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 858
x-served-by: cache-fra-eddf8230043-FRA
x-jsd-version-type: version
etag: W/"639-ds1QznykaHiQoiMeOuDNJqelYts"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 60F1 483 B
1016 B 47ms
47ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 152155
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbMUunqUMbPxZhQZw9tH52JCzRSWQ16k0Cv49P%2BCte8naQlETvRtSov7tE8cTWmVq2L3QoMCrY9U7JsBys6prjXBJP6LnI4Kxu4Tjt0PFLAcS6yy9STLAZKp2UWLCOePg0KIk%2FMd2XfELBks"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d3f7c4bdaf7bbad-FRA

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

35 B
250 B

231ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d10ca71c-f0a8-4db6-90f1-6d9a8139f7e1
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&gdpr=&gdpr_consent=&us_privacy=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=9f633271-48a5-529f-8ec7-abbcea462e62&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

56ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

35 B
250 B

93ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

58ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=ZodCt5L8SEDL&ev=1&pid=558355

35 B
250 B

143ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=ZodCt5L8SEDL&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=ZodCt5L8SEDL&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-xwm8z
expires: -1

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 0548
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

192ms
116ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache
X-TraceId: 63a6e800b46c080b5e1323838ce7c578
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Thu, 08 Jun 2023 07:40:15 GMT
X-TraceId: 0a7d2a3d0b42ce1acc9f1107a2478b61
Content-Length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0548 43 B
131 B 82ms
55ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

35 B
250 B

174ms
58ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=ef42829d-4d1c-42b6-a969-46000a4e85ec

35 B
250 B

55ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=ef42829d-4d1c-42b6-a969-46000a4e85ec
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=ef42829d-4d1c-42b6-a969-46000a4e85ec
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
X-CI-RTID: cdebe42a-524e-4d40-a3aa-f3801907abb9
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

60ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 588750381
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 0548 0
44 B 413ms
119ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0548
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

35 B
250 B

60ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0548 0
75 B 83ms
50ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 0548 42 B
103 B 43ms
36ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=719ef7d6c453fa93&uid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

35 B
250 B

57ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bb0ceff4-d982-4e25-97d0-caac176b8369
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=70&user_id=3774514616463086421&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

60ms
60ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

35 B
250 B

61ms
61ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

58ms
58ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=fTnqCj4A4OGn&ev=1&pid=558355

35 B
250 B

145ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=fTnqCj4A4OGn&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=fTnqCj4A4OGn&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-rw472
expires: -1

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame C792
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

203ms
121ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache
X-TraceId: 548dcaa879bf737f7bb691665b9ac832
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Thu, 08 Jun 2023 07:40:15 GMT
X-TraceId: 20ed5ae42ee130a69abeda7c5e368c2a
Content-Length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C792 43 B
120 B 77ms
60ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

35 B
250 B

175ms
59ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

35 B
250 B

57ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
X-CI-RTID: 07a210c2-9052-4402-a065-2ac076746092
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

61ms
58ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 576045605
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame C792 0
39 B 402ms
119ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C792
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

35 B
250 B

60ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame C792 0
75 B 136ms
49ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame C792 42 B
103 B 39ms
39ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=719ef7d6c453fa93&uid=e_3669e6a6-26f5-4699-9b14-91acccedbe01
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 87C5 0
239 B 174ms
40ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=LIMTWKIL-5-GIAW
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1868 43 B
602 B 62ms
62ms Image
image/gif 2a05:d018:d29:3602:51a:42ee:38f7:77d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:51a:42ee:38f7:77d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1868
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 675fb289-31d9-439d-a03b-506c3e9f40be
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 1868 43 B
433 B 58ms
56ms Image
image/gif 54.228.73.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.73.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-73-172.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1868
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB

43 B
602 B

59ms
56ms

Image
image/gif

2a05:d018:d29:3602:51a:42ee:38f7:77d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

Server

2a05:d018:d29:3602:51a:42ee:38f7:77d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 1868 43 B
734 B 280ms
55ms Image
image/gif 184.24.77.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZIGF3crsBtBhjTc7KJhXoQAA%261188&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server-Timing: ak_p; desc="1686210014372_389467976_197404631_1302_723_39_58_-";dur=1
Content-Length: 43
x-sticky-vk: 1686210014413030-359
Expires: Thu, 08 Jun 2023 07:40:14 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1868 0
75 B 52ms
51ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1868
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3774514616463086421&expiration=1687419614

43 B
632 B

122ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3774514616463086421&expiration=1687419614
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3774514616463086421&expiration=1687419614
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1868
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=829f6481-85de-4c00-be7d-06d6e712ce7d

43 B
632 B

121ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=829f6481-85de-4c00-be7d-06d6e712ce7d
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: MT3 933 7933424 master pao-pixel-x26 config_version:"808"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=829f6481-85de-4c00-be7d-06d6e712ce7d
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 08 Jun 2023 07:40:13 GMT

GET
H2 200 um
u-ams03.e-planning.net/ Frame 1868 42 B
103 B 42ms
41ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=719ef7d6c453fa93&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 230ms
139ms Preflight 2606:4700:10::ac43:2954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.picuki.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c4cddc939c4-FRA
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

POST
H/1.1 200
OK pbjs Show response
prebid.admanmedia.com/ Frame 60F1 2 B
241 B 512ms
136ms XHR
application/json 80.77.87.128
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.admanmedia.com/pbjs
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.77.87.128 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.picuki.com
Date: Thu, 08 Jun 2023 07:40:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 60F1 0
144 B 135ms
41ms XHR
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Allow-Credentials: true

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame 60F1 1 KB
777 B 297ms
162ms XHR
application/json 52.214.36.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7285
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.36.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-36-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 34c3405d6ce5339506d346af0efdd6fc24c7b220fd969ae0ad2b2a852448654e

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 60F1 15 B
361 B 41ms
41ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.picuki.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK pbjs Show response
explorads-prebid.smart-hub.io/ Frame 60F1 2 B
337 B 386ms
131ms XHR
application/json 8.2.109.53
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://explorads-prebid.smart-hub.io/pbjs

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.2.109.53 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.picuki.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 60F1 0
157 B 60ms
60ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 60F1 0
99 B 57ms
57ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.picuki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d3f7c4c49ae90dd-FRA
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 60F1 0
176 B 46ms
46ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.picuki.com
date: Thu, 08 Jun 2023 07:40:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 2354527 Show response
bs.yandex.ru/metadsp/ Frame 60F1 0
421 B 270ms
104ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/metadsp/2354527?imp-id=1&target-ref=www.picuki.com&ssp-id=10500

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 07:40:14 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.picuki.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Thu, 08 Jun 2023 07:40:14 GMT

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ Frame 60F1 2 KB
929 B 348ms
261ms XHR
application/json 2606:4700:10::ac43:2954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-06-05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5de0285ce05af31f7a51be00b51f24a71fa46a7bee8925b051ff8e747b719560

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e58825c38-FRA

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8FA6 37 B
139 B 44ms
43ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 3514 7 KB
3 KB 160ms
67ms Document
text/html 2606:4700:3035::6815:23e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:23e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c4cff3a360b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGf8%2FFCk6fckCk%2Fk0pBUj4iW%2FfTdvtMddA4teqZYmPrmvyCJ7VOPik5L4yaxbrbShjXG28ez5dyuNM1PKZIGAakLB%2FQBypCZvRik%2FFvfqz5P1m8e7PIyPl1pWKxB6TY30xOt9SxMrPleYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 /
onetag-sys.com/usync/ Frame 7DAA 0
0 42ms
41ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1686210010805

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E20A 16 KB
6 KB 41ms
41ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 958F
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361&puid=b4ae...

95 B
154 B

64ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361&puid=b4ae8750-05cf-11ee-821a-9b29867dbf7b

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4e4b97902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361&puid=b4ae8750-05cf-11ee-821a-9b29867dbf7b
date: Thu, 08 Jun 2023 07:40:14 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 958F 95 B
154 B 63ms
54ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4c79ce902e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 958F 557 B
416 B 54ms
53ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a9fe251312509a9e218ffb5bd8e813145b3363a7ee9212d6875a1efc9c15aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c4d3a90902e-FRA
access-control-allow-headers: *

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame 39DB 22 B
192 B 157ms
46ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 22
Date: Thu, 08 Jun 2023 07:40:14 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1 400
Bad Request e9d4ff858b5e32317e843f5ed11b2659.gif Show response
cs.iqzone.com/ Frame ACDD 20 B
189 B 3392ms
1536ms Document
text/plain 8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:17 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F8BE 16 KB
6 KB 42ms
41ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 30C6 70 B
264 B 58ms
58ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 896F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=9cec6481-85de-4100-a882-2763fa3fa443&gdpr=&gdpr_consent=

35 B
250 B

60ms
56ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=9cec6481-85de-4100-a882-2763fa3fa443&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 08 Jun 2023 07:40:13 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 933 7933424 master pao-pixel-x18 config_version:"808"
location: https://usersync.gumgum.com/usersync?b=mmh&i=9cec6481-85de-4100-a882-2763fa3fa443&gdpr=&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame A49E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp

35 B
250 B

72ms
57ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=&_test=ZIGF3gAQJUIl8wAp
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220048-FRA
x-timer: S1686210014.326610,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 8F16 170 B
188 B 63ms
55ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMDE1NDBjNC02YjhkLTQ0MWUtYWE0OS02NDUxY2E2ZmExZmM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame 393E 22 B
192 B 149ms
48ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 22
Date: Thu, 08 Jun 2023 07:40:14 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1 400
Bad Request e9d4ff858b5e32317e843f5ed11b2659.gif Show response
cs.iqzone.com/ Frame 59CA 20 B
189 B 5292ms
1907ms Document
text/plain 8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:19 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6D12 16 KB
6 KB 49ms
43ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 0AED 70 B
264 B 69ms
65ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B0F1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=1a106481-85dd-4f00-93b4-dd67057587d7&gdpr=&gdpr_consent=

35 B
250 B

58ms
54ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=1a106481-85dd-4f00-93b4-dd67057587d7&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 08 Jun 2023 07:40:13 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 933 7933424 master pao-pixel-x22 config_version:"808"
location: https://usersync.gumgum.com/usersync?b=mmh&i=1a106481-85dd-4f00-93b4-dd67057587d7&gdpr=&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame EAD5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQGejc6AAn&gdpr=&gdpr_consent=

35 B
250 B

209ms
56ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQGejc6AAn&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQGejc6AAn&gdpr=&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220048-FRA
x-timer: S1686210014.172366,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame D333 170 B
188 B 55ms
53ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNjY5ZTZhNi0yNmY1LTQ2OTktOWIxNC05MWFjY2NlZGJlMDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 07F6
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5tEAANyoq6gAAAAA

35 B
250 B

59ms
58ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5tEAANyoq6gAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:15 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5tEAANyoq6gAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 122
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad135.dc4p.scaleout.jp
X-SO-IP: 80.255.7.108
X-SO-Key: ZIGF3sCo5tEAANyoq6gAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZIGF3sCo5tEAANyoq6gAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad135"}
X-SO-LB-Hostname: a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad135

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8EB5 34 KB
10 KB 96ms
95ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 70B7 22 KB
8 KB 42ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 442051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C97 175 KB
55 KB 92ms
87ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:14 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10268516360994813842/ Frame C7B2 15 KB
2 KB 140ms
55ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c59a487b27a2c9249442a1baf5e4a49dd83e66223ca7fe7fb38afd56f44afecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2270
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 07 Jun 2024 07:40:14 GMT
last-modified: Thu, 16 Feb 2023 16:02:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C97 0
0 210ms
85ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvB52AY3Te8OfSaYCJi2b4FAR-bXLCfwrwm77fBJfEQMIEAjlodl4Sk5chEVPpG_MEHzjwXe5JY8199oWFbojBg7eX4JeytBHjjx_oVQWWEwpIBFUUvP0TOqs87E0sTannp25QlYYKEH0HCkYMaSGCyB_cE97IMLuGx1hVX-IMg_P8xbBrE2K49MJrPVWPdFC6u08xmNAOE_QtlnXSoVTNypEJb1A_P1-PIgdgw9bLhL8ErLL37r60RiED1xkWK0yDzwkJ6JaSARaA9w3hS1vHpuGiJnrVE-o3ZCnlvEvaYc1Faf1S8sRqJWo0sasj5IzMTdrosoNfyWToQ6mXL5juA6gWxGyhbNteKsQCZd3kiTa4oLZSYU0kY0XjZHGc5k-CIaiRSZvbz-qcUhEJgdJFhz5FGUVUp9Y9BmlBv1AmxP-N7NlWZS3gbn9FNDo2DtiQvq8OLIsbFfCBHdp7UYaEkUwmcsddr7DLKBuX1IydDis8fcQLJWjaGW6XQW61idw3IdH9uCGRjjapxeo_7VtnMc_3eeCiZfsajGcRz3YoZgJIgvfhFbbRMf-eQ1D8EWvmskWEPbOTgxHM6g1r5JrK3dLIn7qA-ESkB389C90Ia-dao3tTrlweLASMvotYOyb7RzL2WHudDy3Q1kBN_vrj-9gWVDt-OdhadWI1YWLEte9AFqCknWj94bDCwJZ9X5oTLsFJKP23j3wad-X_a_qon8EjbzGWZB_QInVZcMjUVzRj3nEONpeF4dOwWktOYsOWxhz-FHwlclNSKEPUwL_f6MsxX1OonuJeLXxP5AT6Rkov3JETQWrDUkmHvVc7fEtbbqBcmMqpyOLoKunCsZR9it70CGZt7xsmXjiddoguhwwt9CXuhQJlnsyNewCJyH0-m7lwtyzGlO2eMJJFsuLXyEvjoSWqJyw2TE-3qeh9fQo1pKj35nI_L7PrJYvp19SmOL_NNy3owuZ_4ATlhigysXXlA2p86yV5ZFHC5_2e1saXeO-jXwr6QfSBygcPAtKMdKB7fz8WUViibZpImLewH6yMVRpRVIpLPJn72Ph7GzFS-b-u_H7aaw3ZemprHhDzZrBUNuIC8fFdu5mScEyp84dIuts-7DOjWE1ctULF3i0dfqyNcspcCdsxdpbGkb-ChKXaWuSs3hbjC0eLxJ9UMKeIs7npBe0fZ5mEg2CY8smzXR151Q34YyWN04EsJw81pJywNvbTH0Fu2BZICQKSAXWDWu_qPnC-IYlHxVXg_7HEhtWKXLeHJdV-E2fpCwiR-Yw&sai=AMfl-YT7tEipQ6QOvrmWgWHoW_D8dcARfm9zgXuefv53vwTfLfHfzEHTITx6xigweGvfrNBKXgqy7ZX6_zn6gcwEPEbiVRWSGA3mOHnuALuoys4TGbEwYTAn5ph-ZBc4TYXa6dZDfPfkdmojYJQP1MEiKR5-08rEDZfDoPzZLwBJ0n2zspwPra6BU3-v-3Tg20Z6ccQYgxgf9JMCHmFnmZ-g-iZHknxd1oi1rig_WVULMyFvp1WBOxmNZDnsehg&sig=Cg0ArKJSzNjsid02UC1mEAE&uach_m=[UACH]&pr=8:D73E50BD9878A329&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=416&cbvp=1&cstd=376&cisv=r20230606.98667&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Jun 2023 07:40:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 08 Jun 2023 07:40:14 GMT

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 6967
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic&tc=1

43 B
473 B

306ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic&tc=1
pragma: no-cache

GET
H2 200 cookie Show response
cm.adform.net/ Frame BE5A 43 B
105 B 40ms
39ms Document
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
server: nginx

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 07BA
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%...
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Brepla...
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]

43 B
489 B

401ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cookie Show response
cm.adform.net/ Frame 1E6C 43 B
105 B 41ms
38ms Document
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 463F
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41

43 B
453 B

111ms
111ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Adtelligent
Etag: 6c9c680cf91140a1
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Adtelligent
Etag: 783f5571dd1dbd41
Content-Length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4CAC
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5ucAAOzzFLsAAAAA

35 B
250 B

56ms
55ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5ucAAOzzFLsAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:14 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF3sCo5ucAAOzzFLsAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 1
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad422.dc4p.scaleout.jp
X-SO-IP: 80.255.7.108
X-SO-Key: ZIGF3sCo5ucAAOzzFLsAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZIGF3sCo5ucAAOzzFLsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad422"}
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad422

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 068B 20 B
189 B 533ms
279ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 8068 43 B
632 B 43ms
40ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7A9F
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1

35 B
250 B

60ms
57ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7C01
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

55ms
54ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost
server-timing: ak_p; desc="1686210014331_390277187_9869027_86_938_38_0_255";dur=1

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 92FF 20 B
189 B 486ms
235ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 9992 43 B
632 B 79ms
46ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 71AF
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1

35 B
250 B

105ms
60ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5220
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

43ms
43ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost
server-timing: ak_p; desc="1686210014331_390277187_9869029_111_692_38_0_255";dur=1

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8B8E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:48866481-85de-4f00-8fe9-3444e552210b&gdpr=0&gdpr_consent=

42 B
326 B

50ms
48ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:48866481-85de-4f00-8fe9-3444e552210b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 08 Jun 2023 07:40:13 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 968 d3e9700 master pao pao-pixel-x13 config_version:"808"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:48866481-85de-4f00-8fe9-3444e552210b&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B83F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1231002253622186881

42 B
194 B

60ms
49ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1231002253622186881
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1231002253622186881
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1BC0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

54ms
50ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Thu, 08 Jun 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1003485
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8D55
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326816305658

42 B
423 B

83ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326816305658
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:14 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326816305658
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 4954
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

216ms
211ms

Document
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YZFTJBGT1BY49EF7PYSP

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 998WJ5ED0E97VSMCSKP5

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A873
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7

42 B
333 B

159ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DDB1
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2010292523365572458&gdpr=0&gdpr_consent=

42 B
447 B

177ms
48ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2010292523365572458&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 8022313c-473f-4986-86ed-f24054d0ee7c
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2010292523365572458&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.4
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1F6F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7242216864319142038&gdpr=0&gdpr_consent=

42 B
218 B

178ms
49ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7242216864319142038&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 08 Jun 2023 07:40:14 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7242216864319142038&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D69A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVUpFN0pBd3dBQUNLVWs4aUJTZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUJE7JAwwAACKUk8iBSg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3688540480025365657&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUJE7JAwwAACKUk8iBSg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3688540480025365657%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3688540480025365657&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUJE7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7JAwwAACKUk8iBSg&gdpr=0&gdpr_consent=

42 B
200 B

47ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7JAwwAACKUk8iBSg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7JAwwAACKUk8iBSg&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 6507 85 B
400 B 135ms
133ms Document
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220048-FRA
x-timer: S1686210014.350102,VS0,VE94

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 407E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

42 B
379 B

49ms
49ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 91AB 43 B
283 B 170ms
48ms Document
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-8

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 3319 43 B
369 B 151ms
48ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3F4B
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=16yp2tak7zyl

42 B
309 B

48ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=16yp2tak7zyl
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=16yp2tak7zyl
lws: 90
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame B3D3 43 B
277 B 233ms
54ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-623f921c9b34@version_1.553
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3F4F
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVbhVUQggUQnbabgg&gdpr=0&gdpr_consent=

42 B
201 B

47ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVbhVUQggUQnbabgg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVbhVUQggUQnbabgg&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1D36
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=

42 B
284 B

47ms
47ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 07:40:13 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame ADBD
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
94 B

73ms
48ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 4B0D 42 B
103 B 48ms
40ms Document
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
server: openresty

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6DD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8RiZcNXrTRCkVys3a6CkZQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

44ms
40ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=59532
accept-ranges: bytes
content-length: 5554
expires: Fri, 09 Jun 2023 00:12:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 6DD5 49 B
266 B 183ms
53ms Image
image/gif 52.48.144.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.144.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-144-60.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.139
content-length: 49
expires: 0

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame 6DD5
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F1189970-D5EB-4D10-A457-2B376BA0A465

0
17 B

50ms
50ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H3
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
last-modified: Thu, 08 Jun 2023 07:40:14 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F1189970-D5EB-4D10-A457-2B376BA0A465
date: Thu, 08 Jun 2023 07:40:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 6DD5
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjVhTW9tMGdRMnNUaVMwWU9yTHo0VmVZQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=3774514616463086421&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

118ms
118ms

Image
image/png

54.84.97.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 54.84.97.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-97-211.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjExODk5NzAtRDVFQi00RDEwLUE0NTctMkIzNzZCQTBBNDY1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

94ms
51ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOZpGakKsn2VDYyNzP-cro4&google_cver=1

42 B
298 B

66ms
52ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOZpGakKsn2VDYyNzP-cro4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOZpGakKsn2VDYyNzP-cro4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6DD5 43 B
409 B 55ms
44ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 07 Jun 2023 07:40:14 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3774514616463086421

42 B
243 B

53ms
50ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3774514616463086421
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3774514616463086421
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6DD5 70 B
264 B 70ms
59ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F1189970-D5EB-4D10-A457-2B376BA0A465&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sr6aq1pE2uXKlhvbRZWlXe5QOG1Jh7M-~A&gdpr=0

0
260 B

168ms
48ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sr6aq1pE2uXKlhvbRZWlXe5QOG1Jh7M-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sr6aq1pE2uXKlhvbRZWlXe5QOG1Jh7M-~A&gdpr=0
date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 F1189970-D5EB-4D10-A457-2B376BA0A465
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6DD5 43 B
602 B 73ms
62ms Image
image/gif 2a05:d018:d29:3602:51a:42ee:38f7:77d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F1189970-D5EB-4D10-A457-2B376BA0A465?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:51a:42ee:38f7:77d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2d70351a-f4af-4822-b3c9-9f8c985a601d&user_group=1&ssp=pubmatic&bsw_param=395da4e5-7a73-425d-b97d-bc53dd5eb6ea
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&gdpr_pd=

1 B
186 B

50ms
50ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 08 Jun 2023 07:40:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6DD5 0
103 B 56ms
45ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6DD5 0
187 B 144ms
43ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:13 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7058944085178254639&gdpr=0&gdpr_consent=&us_privacy=

1 B
196 B

47ms
47ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7058944085178254639&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7058944085178254639&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DD5
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f88bb8b-5921-4474-8040-9794c72f09a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

52ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f88bb8b-5921-4474-8040-9794c72f09a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f88bb8b-5921-4474-8040-9794c72f09a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 87C5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMTWKIL-5-GIAW

0
649 B

294ms
185ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMTWKIL-5-GIAW
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9871B80BBDC643779101E1B9CDFA26B6 Ref B: FRAEDGE1115 Ref C: 2023-06-08T07:40:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9mVzy1x8Bmc//JtcluQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMTWKIL-5-GIAW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87C5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNVFdLSUwtNS1HSUFX
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKCB7akRXzg_6YYmfrCKpHg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNVFdLSUwtNS1HSUFX&google_push=

170 B
188 B

51ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNVFdLSUwtNS1HSUFX&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNVFdLSUwtNS1HSUFX&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 87C5 70 B
264 B 69ms
60ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 87C5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Um-yxoBNSEaGXrr9EpV1Xw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Um-yxoBNSEaGXrr9EpV1Xw

43 B
479 B

180ms
66ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Um-yxoBNSEaGXrr9EpV1Xw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AS6K528JZSRYSEHXY4M9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Um-yxoBNSEaGXrr9EpV1Xw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 87C5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/6RAsKWTE217n7bbqpuDpTw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BFiptOtE2oJqaSGPBjGTFcKBoQ0gpFnipm5wcw--~A

0
239 B

41ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BFiptOtE2oJqaSGPBjGTFcKBoQ0gpFnipm5wcw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BFiptOtE2oJqaSGPBjGTFcKBoQ0gpFnipm5wcw--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 87C5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HW0q56YLQOmgdGpSpx3Y1g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HW0q56YLQOmgdGpSpx3Y1g

43 B
479 B

124ms
124ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HW0q56YLQOmgdGpSpx3Y1g

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0DS8MHD4Q8J5GD0YFWCV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HW0q56YLQOmgdGpSpx3Y1g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 87C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFCpBvGYjObe4lgYqY9jso&google_cver=1

0
239 B

67ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFCpBvGYjObe4lgYqY9jso&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFCpBvGYjObe4lgYqY9jso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87C5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2E4ZGU4MDAyY2NiMzNlNDVmZDdjODQ3NGRiZGU2ZGE4YzI4ZmNiNQ

170 B
188 B

53ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2E4ZGU4MDAyY2NiMzNlNDVmZDdjODQ3NGRiZGU2ZGE4YzI4ZmNiNQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2E4ZGU4MDAyY2NiMzNlNDVmZDdjODQ3NGRiZGU2ZGE4YzI4ZmNiNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 191D 4 KB
2 KB 70ms
65ms Document
text/html 52.51.107.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.107.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-107-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eed718871adc30ae0f77245540b4d10df97057e100f18a88e46cd6bc3ece060b

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 08 Jun 2023 07:40:14 GMT
etag: W/"09009f0724702132d230f4154e9ded048"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2DB8 37 B
139 B 46ms
41ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AE40 16 KB
6 KB 45ms
43ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame D2A6 43 B
453 B 140ms
111ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIOxlFouGHXuimNR
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E92 16 KB
6 KB 56ms
24ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 1FFE 0
0 57ms
25ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync Show response
sync.spotim.market/ Frame A38E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]

43 B
452 B

451ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 9dc3a375a1cf0dc5
Server: Adtelligent

Redirect headers

AN-X-Request-Uuid: 6f865d80-e744-4d27-ada2-45fad0b8aea3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.4
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame CF2C 43 B
320 B 217ms
111ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: Adtelligent
Etag: 9a46f4fe4eee4abd
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 60F1 74 KB
23 KB 51ms
50ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 152149
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8MrXkRv0AlPyb1SvbmUEfXDi3w3mtFkXOrfZ9NWM0UuH8sz4LAdGG7c3eNY89CZZTdRegOw%2Blwe7ycFis62dLld0e5XbpZUafSHYWwF9YRjFq13Hdsvoceu7rpbRvh2TQ9H2jC16pry7yyP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d3f7c4e9afd1e32-FRA

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/10268516360994813842/ Frame C7B2 9 KB
2 KB 48ms
43ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf2c52786322f91f1cb6f72fd654b9836e3e221887ba95f174d66fc030a7a977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2442
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:02:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 23:48:12 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C7B2 118 KB
40 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Jun 2023 07:18:46 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/10268516360994813842/ Frame C7B2 20 KB
5 KB 65ms
60ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:02:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 15:48:40 GMT

GET
H2 200 getuid
eb2.3lift.com/ Frame 3514 37 B
139 B 42ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 4386
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=3774514616463086421&gdpr=[replace_me]&gdpr_consent=[replace_me]

43 B
456 B

137ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=3774514616463086421&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=3774514616463086421&gdpr=[replace_me]&gdpr_consent=[replace_me]
server: nginx

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 353B 2 KB
1 KB 47ms
46ms Document
text/html 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7e76c98088b3e894f10637cf75b895990311ef9243ddd9804f067b54f72369b9

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.picuki.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 963
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 143D 21 KB
8 KB 60ms
59ms Document
text/html 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5fd8e81509e59424298dd90d6dfc891b594b87a0b7681ceed3ba349b9def753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7972
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Sat, 10 Jun 2023 07:40:14 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 1692 43 B
320 B 116ms
111ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F262 16 KB
6 KB 44ms
39ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
ads.us.e-planning.net/uspd/1/ Frame 65D7 3 KB
1 KB 47ms
43ms Document
text/html 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: cd12ca05d709dd0b3c2311b4769f62a34acce283c3c41d90683f31d10f901508

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 08 Jun 2023 07:40:14 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-928

GET
H2 204 /
onetag-sys.com/usync/ Frame CF1A 0
0 43ms
39ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 2897 0
35 B 53ms
52ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 d
ic.tynt.com/r/ Frame D179 0
0 133ms
131ms Document
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D240 16 KB
6 KB 42ms
41ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 7EC5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458

43 B
456 B

179ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:13 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

Redirect headers

AN-X-Request-Uuid: 46081bac-e83d-4683-b3c0-5083155453b2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2010292523365572458
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.4
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 6989 2 KB
1 KB 47ms
46ms Document
text/html 2a0c:5c81:5145::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5145::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7dda27a21d2cab5ef52a86f04ce507219dda8ab16bf52f19de0000673f9e5055

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.picuki.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 961
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:13 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1606 281 B
554 B 48ms
48ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDgyMjFhMzUtNTI2NS00Y2YxLTk2NjgtYzdiNTRlZTAwZDk3
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

49 B
446 B

135ms
133ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-19
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESECwPsw2q22NQWjb4I49YEBg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5220 34 KB
10 KB 49ms
47ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

35 B
250 B

58ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 57270055-61e3-4d3f-be3a-1b5fd2bd2127
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=eb8be46f-aed6-4dc4-aa9d-aa40b5263471&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

57ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

35 B
250 B

56ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

56ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=So7fVNA6LfTd&ev=1&pid=558355

35 B
250 B

57ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=So7fVNA6LfTd&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=So7fVNA6LfTd&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-rw472
expires: -1

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 191D
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(imqH2P2mBjFbAJpyjJV5ttr86mXv6TmlOttTJjFSfsXj94NreWYgLBZze3MLnI1E)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

168ms
118ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache
X-TraceId: bdcf68bcaaa76caffab086d7853c1917
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Thu, 08 Jun 2023 07:40:15 GMT
X-TraceId: 85d4893b3597ca1e5f07063bced42613
Content-Length: 0

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 191D 43 B
75 B 51ms
49ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

35 B
250 B

57ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

35 B
250 B

68ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Date: Thu, 08 Jun 2023 07:40:14 GMT
Connection: keep-alive
X-CI-RTID: 2e82de41-b106-462c-b95b-21cc1865ac4f
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

62ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 597231930
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 191D 0
16 B 123ms
121ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 191D
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

35 B
250 B

56ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 191D 0
75 B 51ms
49ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 191D 42 B
103 B 40ms
38ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=719ef7d6c453fa93&uid=e_3669e6a6-26f5-4699-9b14-91acccedbe01
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7C01 34 KB
10 KB 49ms
48ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame D0D5 22 B
192 B 141ms
47ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 22
Date: Thu, 08 Jun 2023 07:40:14 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1 400
Bad Request e9d4ff858b5e32317e843f5ed11b2659.gif Show response
cs.iqzone.com/ Frame 00A4 20 B
189 B 4688ms
1769ms Document
text/plain 8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:19 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 80BA 16 KB
6 KB 42ms
41ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 0081 70 B
264 B 58ms
58ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 5BD3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=48866481-85de-4f00-8fe9-3444e552210b&gdpr=&gdpr_consent=

35 B
250 B

59ms
59ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=48866481-85de-4f00-8fe9-3444e552210b&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Thu, 08 Jun 2023 07:40:13 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 933 7933424 master pao-pixel-x24 config_version:"808"
location: https://usersync.gumgum.com/usersync?b=mmh&i=48866481-85de-4f00-8fe9-3444e552210b&gdpr=&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 514C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=

35 B
250 B

61ms
57ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220048-FRA
x-timer: S1686210015.671907,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame CBBE 170 B
188 B 53ms
53ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame AD5A
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ukAAJL1eIgAAAAA

35 B
250 B

56ms
55ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ukAAJL1eIgAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:15 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ukAAJL1eIgAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 3
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40014.dc2p.scaleout.jp
X-SO-IP: 80.255.7.108
X-SO-Key: ZIGF38Co5ukAAJL1eIgAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZIGF38Co5ukAAJL1eIgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40014"}
X-SO-LB-Hostname: a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40014

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame F545 20 B
189 B 3173ms
3046ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:17 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 70B7 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:17 GMT

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame 65D7 0
187 B 42ms
41ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D84e816764fcbc1fd
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 65D7
Redirect Chain

https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D84e816764fcbc1fd%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=84e816764fcbc1fd&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736

42 B
103 B

39ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=84e816764fcbc1fd&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Location: https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=84e816764fcbc1fd&uid=9a2e25f0-20cf-4c77-9dab-195c52e0b736
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 lotame20230117.js Show response
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 65D7 676 B
574 B 52ms
51ms Script
application/x-javascript 193.3.178.2
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 20:00:05 GMT
server: openresty
etag: W/"63c6fe45-2a4"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 06 Jun 2028 07:40:13 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 65D7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D84e816764fcbc1fd%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=84e816764fcbc1fd&uid=2010292523365572458

42 B
103 B

42ms
42ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=84e816764fcbc1fd&uid=2010292523365572458
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3c0e7717-8fc6-434e-9b9a-7ced28281b43
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=84e816764fcbc1fd&uid=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 65D7
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D84e816764fcbc1fd%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=84e816764fcbc1fd&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c

42 B
103 B

40ms
40ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=84e816764fcbc1fd&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=84e816764fcbc1fd&uid=ua-b2417b94-1c48-3964-97db-0ba5156b743c
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 65D7 0
411 B 124ms
123ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D84e816764fcbc1fd%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-19
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 prebid
rtb.openx.net/sync/ Frame 65D7 43 B
58 B 58ms
57ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D84e816764fcbc1fd%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

um
u-ams03.e-planning.net/ Frame 65D7
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=csuid_038148ae-9f03-4456-a7d3-49f8363efbfe&dc=b337141cfdc8cf59&fi=84e816764fcbc1fd

42 B
103 B

39ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=csuid_038148ae-9f03-4456-a7d3-49f8363efbfe&dc=b337141cfdc8cf59&fi=84e816764fcbc1fd
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:14 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=csuid_038148ae-9f03-4456-a7d3-49f8363efbfe&dc=b337141cfdc8cf59&fi=84e816764fcbc1fd
date: Thu, 08 Jun 2023 07:40:14 GMT
server: fasthttp
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1606 34 KB
10 KB 52ms
47ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3514
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=277e93d456c19b933cab211609ac3880d2fca623cda996fa2448985973b87c36

86 B
564 B

150ms
48ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=277e93d456c19b933cab211609ac3880d2fca623cda996fa2448985973b87c36
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=277e93d456c19b933cab211609ac3880d2fca623cda996fa2448985973b87c36
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame AD0C 43 B
632 B 40ms
40ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B66C
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum

35 B
250 B

68ms
65ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0782
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

41ms
40ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost
server-timing: ak_p; desc="1686210014741_390277187_9869624_15_828_38_0_255";dur=1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1D2D 16 KB
6 KB 40ms
40ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59532
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 8E6B 0
0 41ms
39ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync Show response
sync.spotim.market/ Frame 97E4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]

43 B
452 B

206ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 9dc3a375a1cf0dc5
Server: Adtelligent

Redirect headers

AN-X-Request-Uuid: d67fa34c-1557-4b05-9508-411708164fb1
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2010292523365572458&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.4
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 353B 43 B
320 B 112ms
111ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Adtelligent
Etag: 6c9c680cf91140a1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8EC7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

40ms
40ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost
server-timing: ak_p; desc="1686210014812_390277187_9869732_15_654_38_0_255";dur=1

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame 2EDA 2 KB
2 KB 51ms
49ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 191c02f79afccaef66e4309f04edab1b0c10c636f07a79bd1147122144bcbf44

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1656
Content-Type: text/html
Date: Thu, 08 Jun 2023 07:40:14 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D591 1 KB
998 B 49ms
48ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 65f9c9d3e338aebe3404924735cb7a0e
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame C727 0
0 49ms
49ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 0E5A 760 B
908 B 55ms
55ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0391aa9568c39968f3449757e35ca11be6a0b0f528f7cb5d9afa179d59f51e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c508de7902e-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 07:40:14 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame D17B
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic

43 B
473 B

116ms
113ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:14 GMT Thu, 08 Jun 2023 07:40:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=N7fCtP1YxmCs0rveLB0j&pi=admatic
pragma: no-cache

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 0DD3
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3774514616463086421

43 B
472 B

144ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3774514616463086421
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3774514616463086421
server: nginx

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 2DDB
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%...
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]

43 B
489 B

211ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=4f83d804-a17a-47e8-9910-870fa15f0259&gdpr=[replace_me]&gdpr_consent=[replace_me]
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 0E23
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=3774514616463086421

43 B
472 B

178ms
111ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=3774514616463086421
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 783f5571dd1dbd41
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Thu, 08 Jun 2023 07:40:14 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=3774514616463086421
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 6989
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41

43 B
453 B

112ms
111ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Adtelligent
Etag: 6c9c680cf91140a1
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=783f5571dd1dbd41
Date: Thu, 08 Jun 2023 07:40:14 GMT
Server: Adtelligent
Etag: 783f5571dd1dbd41
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7C01 0
239 B 43ms
42ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIMTWKIL-5-GIAW
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0782 34 KB
10 KB 47ms
46ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H2 200 / Show response
api.purpleads.io/x/v2/b/ Frame 3C0E 2 KB
1 KB 932ms
930ms Fetch
application/json 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=1&pid=ca307ec1213448a0a7ea4c6e1522d041&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=7371cd68-d679-4b10-8c99-7053d823db67&demand=unifiedPb&ts=1686210014905
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash: d34e0dd2981fe75a6d2367d361cc6c809ea53def8a505aa297562258c3e8114f

Request headers

accept-language: de-DE,de;q=0.9
x-request-url: aHR0cHM6Ly93d3cucGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs
pa-user-id: fee7587b-87f1-48d9-b711-e5199e84e7d2
Authorization: Bearer 843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.picuki.com/
x-purpleads-version: 3.0.5

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
content-encoding: br
etag: W/"66b-E+UVgrYg6gnrvYe0K2BlBYwuCSI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true

OPTIONS
H2 200 /
api.purpleads.io/x/v2/b/ Frame 0
0 118ms
117ms Preflight 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=1&pid=ca307ec1213448a0a7ea4c6e1522d041&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=7371cd68-d679-4b10-8c99-7053d823db67&demand=unifiedPb&ts=1686210014905
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Thu, 08 Jun 2023 07:40:14 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C97 0
0 79ms
79ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvB52AY3Te8OfSaYCJi2b4FAR-bXLCfwrwm77fBJfEQMIEAjlodl4Sk5chEVPpG_MEHzjwXe5JY8199oWFbojBg7eX4JeytBHjjx_oVQWWEwpIBFUUvP0TOqs87E0sTannp25QlYYKEH0HCkYMaSGCyB_cE97IMLuGx1hVX-IMg_P8xbBrE2K49MJrPVWPdFC6u08xmNAOE_QtlnXSoVTNypEJb1A_P1-PIgdgw9bLhL8ErLL37r60RiED1xkWK0yDzwkJ6JaSARaA9w3hS1vHpuGiJnrVE-o3ZCnlvEvaYc1Faf1S8sRqJWo0sasj5IzMTdrosoNfyWToQ6mXL5juA6gWxGyhbNteKsQCZd3kiTa4oLZSYU0kY0XjZHGc5k-CIaiRSZvbz-qcUhEJgdJFhz5FGUVUp9Y9BmlBv1AmxP-N7NlWZS3gbn9FNDo2DtiQvq8OLIsbFfCBHdp7UYaEkUwmcsddr7DLKBuX1IydDis8fcQLJWjaGW6XQW61idw3IdH9uCGRjjapxeo_7VtnMc_3eeCiZfsajGcRz3YoZgJIgvfhFbbRMf-eQ1D8EWvmskWEPbOTgxHM6g1r5JrK3dLIn7qA-ESkB389C90Ia-dao3tTrlweLASMvotYOyb7RzL2WHudDy3Q1kBN_vrj-9gWVDt-OdhadWI1YWLEte9AFqCknWj94bDCwJZ9X5oTLsFJKP23j3wad-X_a_qon8EjbzGWZB_QInVZcMjUVzRj3nEONpeF4dOwWktOYsOWxhz-FHwlclNSKEPUwL_f6MsxX1OonuJeLXxP5AT6Rkov3JETQWrDUkmHvVc7fEtbbqBcmMqpyOLoKunCsZR9it70CGZt7xsmXjiddoguhwwt9CXuhQJlnsyNewCJyH0-m7lwtyzGlO2eMJJFsuLXyEvjoSWqJyw2TE-3qeh9fQo1pKj35nI_L7PrJYvp19SmOL_NNy3owuZ_4ATlhigysXXlA2p86yV5ZFHC5_2e1saXeO-jXwr6QfSBygcPAtKMdKB7fz8WUViibZpImLewH6yMVRpRVIpLPJn72Ph7GzFS-b-u_H7aaw3ZemprHhDzZrBUNuIC8fFdu5mScEyp84dIuts-7DOjWE1ctULF3i0dfqyNcspcCdsxdpbGkb-ChKXaWuSs3hbjC0eLxJ9UMKeIs7npBe0fZ5mEg2CY8smzXR151Q34YyWN04EsJw81pJywNvbTH0Fu2BZICQKSAXWDWu_qPnC-IYlHxVXg_7HEhtWKXLeHJdV-E2fpCwiR-Yw&sai=AMfl-YT7tEipQ6QOvrmWgWHoW_D8dcARfm9zgXuefv53vwTfLfHfzEHTITx6xigweGvfrNBKXgqy7ZX6_zn6gcwEPEbiVRWSGA3mOHnuALuoys4TGbEwYTAn5ph-ZBc4TYXa6dZDfPfkdmojYJQP1MEiKR5-08rEDZfDoPzZLwBJ0n2zspwPra6BU3-v-3Tg20Z6ccQYgxgf9JMCHmFnmZ-g-iZHknxd1oi1rig_WVULMyFvp1WBOxmNZDnsehg&sig=Cg0ArKJSzNjsid02UC1mEAE&uach_m=[UACH]&pr=8:D73E50BD9878A329&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1074&vt=11&dtpt=658&dett=3&cstd=376&cisv=r20230606.98667&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 07:40:14 GMT

GET
H2 200 ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2EDA 43 B
602 B 59ms
58ms Image
image/gif 2a05:d018:d29:3602:51a:42ee:38f7:77d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:51a:42ee:38f7:77d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2EDA
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458

43 B
632 B

83ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aaecc52b-bbff-4a1d-95d3-4b74c0e7651c
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 2EDA 43 B
433 B 56ms
55ms Image
image/gif 54.228.73.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.73.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-73-172.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2EDA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIGF3gAQJUIl8wAp

43 B
632 B

77ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIGF3gAQJUIl8wAp
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686210015.004611,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIGF3gAQJUIl8wAp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2EDA
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gIEClY6AXsGbg1mThoAXkIHQXsCbhQuVj9QwEdh8

43 B
632 B

71ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gIEClY6AXsGbg1mThoAXkIHQXsCbhQuVj9QwEdh8
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gIEClY6AXsGbg1mThoAXkIHQXsCbhQuVj9QwEdh8
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 2EDA
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458

43 B
632 B

124ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed96e5f2-1cf4-4108-911d-012d50d1f1d7
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2EDA
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9f23cfbe9609412eb598ef1193740aa0&expiration=1688802015

43 B
632 B

111ms
46ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9f23cfbe9609412eb598ef1193740aa0&expiration=1688802015
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9f23cfbe9609412eb598ef1193740aa0&expiration=1688802015
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 2EDA 43 B
855 B 123ms
121ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIGF3crsBtBhjTc7KJhXoQAABKQAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7ADMNP7FHZFVPV7YZ32X
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 um
u-ams03.e-planning.net/ Frame 2EDA 42 B
103 B 74ms
72ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=84e816764fcbc1fd&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:15 GMT
content-type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E5A
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D79a...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361&puid=b516...

95 B
165 B

53ms
50ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361&puid=b516bf00-05cf-11ee-8f69-d1554a111ef4

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c522faf902e-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361&puid=b516bf00-05cf-11ee-8f69-d1554a111ef4
date: Thu, 08 Jun 2023 07:40:14 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 0E5A 95 B
234 B 54ms
53ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c517ee5902e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 0E5A 557 B
494 B 53ms
52ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de5d701f66c7e36612a1c33253d297ff03d59ac9b132531720ad59593f2fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7d3f7c51df43902e-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8EC7 34 KB
10 KB 47ms
46ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24514
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 86B8 4 KB
2 KB 58ms
57ms Document
text/html 52.51.107.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.107.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-107-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a772cd8843fbb552bbefb5407195efebc73307d159d1914e9aea45eb76510174

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 08 Jun 2023 07:40:15 GMT
etag: W/"0b394ef8866f012eb14308558414776e7"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C57A 37 B
139 B 40ms
40ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:15 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 256E 16 KB
6 KB 47ms
46ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D84e816764fcbc1fd%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59531
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:15 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 1527 43 B
453 B 112ms
111ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIOxlFouGHXuimNR
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:14 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame C7B2 13 KB
5 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jun 2024 13:54:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C7B2 7 KB
6 KB 96ms
94ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d656daaa0fa5c4427e17ffc70db286ce4a4538a380ed36e8bd7ea0a05ebac89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5576
x-xss-protection: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458

35 B
250 B

61ms
61ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b5ba8fa5-f66a-401e-96db-f06f1b7b4190
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=So14Z0SMJDNRjyNhTIxtYkvcJDJRiXFnRdgrZCTi
https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

90ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=395da4e5-7a73-425d-b97d-bc53dd5eb6ea&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 08 Jun 2023 07:40:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108

35 B
250 B

57ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-f3637285-b477-5d23-47ec-f8e0e7db5f30$ip$80.255.7.108
Date: Thu, 08 Jun 2023 07:40:15 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

57ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=sVhBnn5kpWXX&ev=1&pid=558355

35 B
250 B

59ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=sVhBnn5kpWXX&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=sVhBnn5kpWXX&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-rw472
expires: -1

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 86B8
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&obuid=ENC(nUK4wd7qsiEhPSmg2lcpvaEZ_Z2B8i3P4J5WR5XDfTodQXnunewmCd4oFv_ZsBrQ)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

117ms
116ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: no-cache
X-TraceId: 41d49d7be9de259ad872ecaf73f96716
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Thu, 08 Jun 2023 07:40:15 GMT
X-TraceId: f76b35e2453deb7503c6c752efcbd714
Content-Length: 0

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 86B8 43 B
75 B 53ms
50ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:15 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A

35 B
250 B

66ms
56ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-MzJs0xxE2pdjfmvBGlnlkqbRiIubzEB7UdSO~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45

35 B
250 B

57ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=f4f230c0-4d04-4754-9ccb-a366018deb45
Date: Thu, 08 Jun 2023 07:40:15 GMT
Connection: keep-alive
X-CI-RTID: 09aea43b-a595-4d9e-9bdf-286d4b3f1db0
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

56ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 08 Jun 2023 07:40:15 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 579876431
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 86B8 0
16 B 125ms
122ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 86B8
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259

35 B
250 B

57ms
57ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4f83d804-a17a-47e8-9910-870fa15f0259
access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 86B8 0
75 B 59ms
57ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:14 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 86B8 42 B
103 B 42ms
40ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=84e816764fcbc1fd&uid=e_3669e6a6-26f5-4699-9b14-91acccedbe01
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

server: openresty
date: Thu, 08 Jun 2023 07:40:15 GMT
content-type: image/gif

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame 6FD5 22 B
192 B 155ms
48ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 22
Date: Thu, 08 Jun 2023 07:40:15 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1 400
Bad Request e9d4ff858b5e32317e843f5ed11b2659.gif Show response
cs.iqzone.com/ Frame B30B 20 B
189 B 6032ms
1843ms Document
text/plain 8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:21 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 461B 16 KB
6 KB 40ms
40ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59531
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:15 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 0951 70 B
264 B 58ms
58ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 09C7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=829f6481-85de-4c00-be7d-06d6e712ce7d&gdpr=&gdpr_consent=

35 B
250 B

57ms
56ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=829f6481-85de-4c00-be7d-06d6e712ce7d&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: Thu, 08 Jun 2023 07:40:14 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 933 7933424 master pao-pixel-x26 config_version:"808"
location: https://usersync.gumgum.com/usersync?b=mmh&i=829f6481-85de-4c00-be7d-06d6e712ce7d&gdpr=&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame FFF2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=

35 B
250 B

59ms
56ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 08 Jun 2023 07:40:15 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZIGF3gAQJUIl8wAp&gdpr=&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220048-FRA
x-timer: S1686210015.170036,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 4D45 170 B
188 B 57ms
53ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame FE92
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ucAAOzzFQAAAAAA

35 B
250 B

79ms
55ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ucAAOzzFQAAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Jun 2023 07:40:15 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZIGF38Co5ucAAOzzFQAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 3
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40214.dc2p.scaleout.jp
X-SO-IP: 80.255.7.108
X-SO-Key: ZIGF38Co5ucAAOzzFQAAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZIGF38Co5ucAAOzzFQAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40214"}
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40214

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C7B2 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 07:40:15 GMT

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 08F9 20 B
189 B 2830ms
2595ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 08 Jun 2023 07:40:17 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame C266 43 B
632 B 42ms
42ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Keep-Alive: timeout=1, max=496
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9A0C
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum

35 B
250 B

57ms
56ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 08 Jun 2023 07:40:15 GMT Thu, 08 Jun 2023 07:40:15 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=N7fCtP1YxmCs0rveLB0j&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DAF8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

139ms
59ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 07:40:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 07:40:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost
server-timing: ak_p; desc="1686210015182_390277187_9870318_15_661_44_0_255";dur=1

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame C7B2 98 KB
98 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:32:57 GMT
x-content-type-options: nosniff
age: 438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 07:47:57 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame C7B2 57 KB
57 KB 54ms
54ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:32:10 GMT
x-content-type-options: nosniff
age: 485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 07:47:10 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 8932 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:17 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DAF8 34 KB
10 KB 41ms
40ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 07:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24513
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:48 GMT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame EC70 49 KB
18 KB 203ms
76ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 07:40:15 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rw43ffn/risOAA
x-77-nzt-ray: 90833930e521cf91df8581643fc28823
x-77-pop: frankfurtDE
x-accel-date: 1685281329
x-accel-expires: @1686318129
x-age: 928686
x-cache: HIT

GET
H3 200 03032023-031223216-640_100_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame C7B2 5 KB
5 KB 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031223216-640_100_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebf690a3dbb1cc85abbe0da33b0d4d3431873e69c97ead84ee79f1cef173fcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 14:46:32 GMT
x-content-type-options: nosniff
age: 60823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5525
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:46:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70B7 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdhuj3YWBZNPFK7Sn9u8PsvC5gA0AAAAAOAHgBAI&bg=!OTqlOm7NAAaGYqkwpmI7ADkAdvg8Wngw9zUv6kdXCXkHjJylocFh2nYr48PADEydrmW55Us6naCXSKAKkevE7TNvIF3EhseoTRICAAABt1IAAAADaAEHCgB9ruyU1huVzKDCNLFyI55Emz6Oq0Zyj2jsZxfTaIEkz7KMvErv0Iofo1a3PYgOIRilkA_ilPgSCqSUbMMPxtEPBJjTzxLqcV46uEPVjxu4Htk6nPZoMj-0IhYR1WXizYILPp-7Di-78rF7WP5YkBjIX59TyR8kxHxKFBfW6zmZAuR_rxgZHLYFLCABar99PyQerYD_giTXhElqW6C0Qp5aISxTRzHw6vMFZPHGZO8eIbTpl-xXd1K3hnqEriMsDBCzhIL5Tg28H7UEMG4uXfvJNAXKBQnE__e8NQzJWVVJHlfUhTq0o_vhFScHDfCgpuJDNwVzbNUNqulkIgwv4XlFlLwcaQ789XDbrtBOUe1Z2WNfCNGIsJIfmBc19dXNIITdjzMsdInn5SgOoeeTREGZx0zYw9Qjq1tj2JMQryr2AdtYnw8zSGFEZV6Cc5yOds9XY0BoEPcK9j7Y6g3AVrpfJzrjLTzRs3OYumRajGZq6Mm0VLGizERwMaYYD3zoSmDSHdEUFFn9ooLqgQ4RHAQf2eWepKmBQ913n5g8kcpycm5laTgu0S2gBSHaZ6Fdby-UAu0U-LyP6iOOrx3LEPhFgSf1etOmExsCt-imgYaUvhL-f3bEdsfqxlW6iwIjtW6vcaQ-x1QA76ea1LjqqZ7LQUtaHY1w8n0M0YSx4bpz5MQL3IO2qZtjWyCUAAN_kfF5AFhdmLTPbDXdUuknFV_6nb9sl-SSLivQREpHl7SIynspjYomkmNPt4Yb4Cef8wp-SsPw70rxjklF80uC8EIur5ZkllMoDu60SWvq8fHkP2UzXIJGAlzoSrkIIw3ZPRK9j7SqQL4e_q9hoIY9HRbEiXFIxtqNz-a7_k9yj7DwbGniwDXuGZJqGQLA-VH41MJqzQdsmYkmPg-WPoyPybupCEMFomqw54wPsoGe5diOHM83UHsdnlFbAraDVhXjAFeUfCiIc5ZdKMTMau08oBoV7aAhacAkp-Vi2f2IxD3jfdRIUuIylUyfGfyfTpoLdaa1E6XqXWyewyno51D-CzeSDFYo3wp109q1Bn18uP7fSY9QrsA2jDRFkcHw2ylqxMmHDSXMDOZw7fYXygRLpFmbWbB7PWcCW9viw63LZac_1HMRQh6KqKWpRXm_euR_mU5E0rHcpA

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031223216-640_100_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebf690a3dbb1cc85abbe0da33b0d4d3431873e69c97ead84ee79f1cef173fcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 14:46:32 GMT
x-content-type-options: nosniff
age: 60823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5525
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:46:32 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3514
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188

86 B
696 B

41ms
40ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:15 GMT
content-length: 86
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZIGF3crsBtBhjTc7KJhXoQAA%261188
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 0
Expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame EC70 1 KB
814 B 204ms
40ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jun 2023 07:40:15 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 939565
x-accel-date: 1685270450
x-77-nzt: AcO1rw5AWNv/LVYOAA
x-accel-expires: @1686307250
last-modified: Wed, 29 Mar 2023 10:31:18 GMT
server: CDN77-Turbo
etag: W/"64241376-446"
x-77-nzt-ray: 90833930fb222e99df85816494cf7635
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C7A6 16 KB
6 KB 40ms
40ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59531
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 08 Jun 2023 07:40:15 GMT
expires: Fri, 09 Jun 2023 00:12:26 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3514 0
277 B 143ms
48ms Image
text/plain 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Jun 2023 07:40:15 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C97 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=510740750058&version=m202301230201&ct=76&x=8&cor=2546406033580412000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 i
api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847... Frame 0
0 118ms
117ms Preflight 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847930c03d54331f862959922d14735f1daef0b653f59ea236923321ac591e36a99bc70e249d106c1725b063909ca459ac7a11808ba1d7093fc4a4ad6863e619b234d7b4440ce919d2f0/i?id=97601d0f-cdfd-4212-b0be-3a43ec20af2b&ts=1686210015968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://www.picuki.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Thu, 08 Jun 2023 07:40:16 GMT

GET
H2 200 i Show response
api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847... Frame 3C0E 15 B
243 B 244ms
244ms Fetch
application/json 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847930c03d54331f862959922d14735f1daef0b653f59ea236923321ac591e36a99bc70e249d106c1725b063909ca459ac7a11808ba1d7093fc4a4ad6863e619b234d7b4440ce919d2f0/i?id=97601d0f-cdfd-4212-b0be-3a43ec20af2b&ts=1686210015968
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash: 8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2

Request headers

accept-language: de-DE,de;q=0.9
x-request-url: aHR0cHM6Ly93d3cucGljdWtpLmNvbS9wcm9maWxlL3J1ZHlfaXNyYWVs
pa-user-id: fee7587b-87f1-48d9-b711-e5199e84e7d2
Authorization: Bearer 843634950ae7da8212d7bc65d4f0a97e:52301e0c24b64bee47e1918518ccf6ca04407559b11da94db7a58977efa6c61b600e63c341130ae129833a140151abb43deee7f045746681acde1e0accf71bc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.picuki.com/
x-purpleads-version: 3.0.5

Response headers

date: Thu, 08 Jun 2023 07:40:16 GMT
etag: W/"f-lWSD52foMX4qLT82tweJE091S9Q"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.picuki.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true
content-length: 15

GET
H2 200 eyJpdSI6IjU3YTAwMjBlMjgzODhjZmI2ZmU3YjA5Y2JjNDFjZmZmZmY3M2YxMWQ1M2ZlYzExZTBhZDUyZjM3ZWIxMDE1OTEiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 60C6 35 KB
35 KB 132ms
41ms Image
image/webp 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3YTAwMjBlMjgzODhjZmI2ZmU3YjA5Y2JjNDFjZmZmZmY3M2YxMWQ1M2ZlYzExZTBhZDUyZjM3ZWIxMDE1OTEiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69f2ffffca046bf2fa8c90854002460047a8832e12d9b54075587004ac7a3886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:16 GMT
last-modified: Tue, 30 May 2023 14:30:48 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1714241
access-control-allow-credentials: false
x-traceid: b38485e9431b2315433ade94727781ee
timing-allow-origin: *, *
content-length: 35782

GET
H2 204 i
api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847... Frame 60C6 0
126 B 264ms
263ms Image
text/plain 34.205.5.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.purpleads.io/x/a/3baadb0026951e13281140297830fef1:961c755a0aaded6515323125ee04d0b4a9ee8cc8cc98b78f64ab4d29307efc19c01e3cbea06a2cd0c5710b01fb486a886fb92606e026141b2cd52de1c1bb723ae5d9f1fc32b0847930c03d54331f862959922d14735f1daef0b653f59ea236923321ac591e36a99bc70e249d106c1725b063909ca459ac7a11808ba1d7093fc4a4ad6863e619b234d7b4440ce919d2f0/i?id=97601d0f-cdfd-4212-b0be-3a43ec20af2b
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.5.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-5-140.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: api.purpleads.io
date: Thu, 08 Jun 2023 07:40:16 GMT
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true

GET
H/1.1 200
OK widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 60C6 4 B
325 B 463ms
116ms Image
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=24ce15dde6623ae342029186bf3082e7&pvId=24ce15dde6623ae342029186bf3082e7&sid=10044271&pid=45718&idx=1&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:16 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: fb58c951481b01f7e27b762515b84361
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 60C6 4 B
325 B 464ms
116ms Image
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=24ce15dde6623ae342029186bf3082e7&position=0
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 07:40:16 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 09affcaa6b420f84eb939b54f4c8aa2d
Content-Length: 4
Expires: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3514 0
239 B 44ms
43ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3514
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3774514616463086421

86 B
808 B

41ms
40ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3774514616463086421
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:16 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3774514616463086421
date: Thu, 08 Jun 2023 07:40:16 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6DD5 0
128 B 57ms
48ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A560 2 KB
2 KB 47ms
47ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52277900&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6f6e284d4b297045ba38e8edcf387aa6ac7a8cf022006457858e0942b329097b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 08 Jun 2023 07:40:15 GMT
content-length: 1570
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame F207 35 B
591 B 39ms
39ms Document
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:17 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A266
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
414 B

197ms
196ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c605f3d3807-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:17 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7d3f7c5f0dec3807-FRA
content-type: text/html
date: Thu, 08 Jun 2023 07:40:17 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 60

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D4E3
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1686210017142
https://ad.turn.com/r/cs?pid=45&rndcb=6738148346
https://sync.1rx.io/usersync/turn/7058944085178254639?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-066a66fc-e29c-4985-983a-818a7e1795f8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-066a66fc-e29c-4985-983a-818a7e1795f8-003

42 B
333 B

48ms
48ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-066a66fc-e29c-4985-983a-818a7e1795f8-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Thu, 08 Jun 2023 07:40:17 GMT
etag: RX066a66fce29c4985983a818a7e1795f8003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-066a66fc-e29c-4985-983a-818a7e1795f8-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 1AB4 0
0 127ms
38ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Thu, 08 Jun 2023 07:40:17 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EB57
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D998252CA44F4710BFAB481463D50A6D&gdpr=0&gdpr_consent=

1 B
73 B

47ms
47ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D998252CA44F4710BFAB481463D50A6D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 07:40:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Thu, 08 Jun 2023 07:40:17 GMT
expires: Wed, 07 Jun 2023 07:40:17 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D998252CA44F4710BFAB481463D50A6D&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame FDF0 42 B
103 B 39ms
39ms Document
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Thu, 08 Jun 2023 07:40:17 GMT
server: openresty

GET
H2 200 mw
mwzeom.zeotap.com/ Frame A560 95 B
195 B 53ms
52ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F1189970-D5EB-4D10-A457-2B376BA0A465

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7d3f7c5e8ae9902e-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame A560
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

53ms
53ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:28 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:28 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=F1189970-D5EB-4D10-A457-2B376BA0A465&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A560
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

57ms
57ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A560
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2010292523365572458

42 B
95 B

47ms
47ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2010292523365572458
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 08 Jun 2023 07:40:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 08 Jun 2023 07:40:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b7706ef8-624e-47ab-bc0c-9970f36b9302
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2010292523365572458
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0D13 0
39 B 47ms
47ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20936158&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:16 GMT
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BFAB 47 B
226 B 47ms
47ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91088449&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 08 Jun 2023 07:40:15 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/10268516360994813842/ Frame C7B2 5 KB
2 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10268516360994813842/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b810f1d6c9c09f151e83b74626ee412411683ef6c247520f049d2bacadf5db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:02:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 21:51:37 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EC70 0
239 B 42ms
41ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

pbscookie
a.vidoomy.com/api/rtbserver/ Frame EC70
Redirect Chain

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3774514616463086421&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

0
196 B

198ms
40ms

Image
text/plain

3.64.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3774514616463086421&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Server: 3.64.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-110-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:17 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3774514616463086421&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date: Thu, 08 Jun 2023 07:40:17 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

204

pbscookie
a.vidoomy.com/api/rtbserver/ Frame EC70
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8464df2e-e98c-4dce-abb6-8bc9643cf375&vid=a6f37f0123013099a595be2217fc435a&dspid=openx

0
195 B

193ms
40ms

Image
text/plain

3.64.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8464df2e-e98c-4dce-abb6-8bc9643cf375&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Requested by: Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel
Protocol: H2
Server: 3.64.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-110-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:17 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:17 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8464df2e-e98c-4dce-abb6-8bc9643cf375&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame DB21 35 B
250 B 57ms
56ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:17 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 1368 35 B
250 B 56ms
55ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:17 GMT
Expires: 0
Pragma: no-cache

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 7E76 42 B
103 B 39ms
39ms Document
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=719ef7d6c453fa93&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Thu, 08 Jun 2023 07:40:17 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame A37B 43 B
473 B 112ms
112ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:16 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 82AB 43 B
473 B 112ms
112ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:17 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame A46D 35 B
250 B 56ms
56ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:18 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame D96A 43 B
473 B 112ms
111ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:17 GMT
Etag: 6c9c680cf91140a1
Server: Adtelligent

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 13B4 42 B
103 B 39ms
38ms Document
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=84e816764fcbc1fd&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D84e816764fcbc1fd%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Thu, 08 Jun 2023 07:40:18 GMT
server: openresty

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 449C 35 B
250 B 56ms
55ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 08 Jun 2023 07:40:18 GMT
Expires: 0
Pragma: no-cache

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C97 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRdxfKXCHL9_n-KoapYI0ep3n0G3QzqSUcnJ_EUP95joXn4MilJD6-k8Kg5NozVaMv9A4zB2oDQZKSKgerWLlctf77tDLBbp8&sig=Cg0ArKJSzEt7AUPr7CknEAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686210013390&rpt=1250&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cw_vtr.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 113ms
112ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_vtr.php?
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 07:40:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031223216-640_100_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebf690a3dbb1cc85abbe0da33b0d4d3431873e69c97ead84ee79f1cef173fcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=pcCPQ3X2yb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 14:46:32 GMT
x-content-type-options: nosniff
age: 60826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5525
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:46:32 GMT

GET
H2 200 dc_oe=ChMIk6iJ55Wz_wIVtJP9Bx0yeA7QEAAYACC63uxKQhMI0YLn5pWz_wIVGU7gCh02pA_R;stragg=1;&timestamp=1686210018544;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 2C97 42 B
401 B 178ms
76ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk6iJ55Wz_wIVtJP9Bx0yeA7QEAAYACC63uxKQhMI0YLn5pWz_wIVGU7gCh02pA_R;stragg=1;&timestamp=1686210018544;str=Show%20Slide%200;strtype=1

Requested by

Host: www.picuki.com
URL: https://www.picuki.com/profile/rudy_israel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:40:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame DA57 86 B
952 B 42ms
42ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=F1189970-D5EB-4D10-A457-2B376BA0A465
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Thu, 08 Jun 2023 07:40:18 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A560 0
129 B 50ms
48ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D719ef7d6c453fa93%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 02:34:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame EC70 86 B
1 KB 41ms
41ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Thu, 08 Jun 2023 07:40:19 GMT

POST
H2 200 ajax.php Show response
www.picuki.com/app/controllers/ 0
303 B 160ms
159ms XHR
text/html 172.67.68.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picuki.com/app/controllers/ajax.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.picuki.com/profile/rudy_israel
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 08 Jun 2023 07:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UeYmB9rEr%2BlXirgL0DZNIEGFbMHGQZsk0U7mklnN28FFD%2FsOPEKn0XgruV9CLWhThOaU%2FG3fSx7oYgwOTOjCR5L8LBPLmqcXOVaenASZVOQETet0KEsjtBIWZCxShnM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7d3f7c710e022c46-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 89ms
89ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0a585ffc56c640df80dbc13b94613a571ae899a21c14de7489322a7a4696cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11115
x-xss-protection: 0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 42CF 37 B
139 B 40ms
40ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=80177
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e09f10f-032e20a2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Jun 2023 07:40:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 07:40:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E71 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:19:08 GMT
expires: Fri, 07 Jun 2024 07:19:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 615A 783 B
537 B 51ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be3b1ca3a392481d33d0571a701e9c49349a63cbf94b5b5455f8378740fd8ac1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m6WPDM6zEk39Ne-LdR034A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picuki.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-m6WPDM6zEk39Ne-LdR034A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 07:40:21 GMT
expires: Thu, 08 Jun 2023 07:40:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E71 37 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 615A 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306050101&jk=1130041999921449&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E71 0
10 B 41ms
41ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a__v_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306050101&jk=1130041999921449&bg=!MjGlMWXNAAaGYqkwpmI7ADkAdvg8Wv3kGzVR_1EcgJ0-2PQjYM9u1yROWn3CppJ2txI0WvNX_PVVMJFyZkopMB8BhO1Qh-Bysb0CAAAAX1IAAAADaAEHCgA0W4NZqHm6oiofDRUwNOKNkV9LJtMr1mNc4hznH0OqvI4YQWeQfZhT4BDf9BwKECUzWVN4FpkC7WV1XpLXCoZnq6iXiKc4GhwSz92q4WBPAObA8CieOQgwouQUEcsUdMep98brR8E7njgeyMlpnnuOavX6jRuWC61n_jVVPmdV1-XoGoDqEUKKIBV97284938JS5X5jwwGuoEPYe_s01CIvNZ_KRHOYc2sXLFMyAz3xMYWwDklPusFyR7mX83QRoQQZZAquKOghhCxnVbD0pCXrAZLMz96xyPRM5-5hffvAHEpde-G4Vo8UpwXWjxVi7mYMcYVJaUuJxNk27ayfB1t-FNWJd7s8EaJ6hyy73uHW2JtOodx1NqfJ471symilers7uOxuDlkzK_JoKzIzCPXxMMAQkKT0u3zd6YKHddAwkdRZlcYzJfFWsr_9KrsjHTwKK2hhuo9gFk4Q1kffNaNzcr6Izvzt8e-ba75QmNXWv9MxNwXjFtA6VrH08Jt-9j2aamfY7AMh7I0SQUvL7spsIj6z8F46f43WdI9O_-4puBMDzRP0p0pepeAXGIwcn3GsxF4Z79uve22JzYdQnFlQjQWrfLUXh_E8DnEmo3LZyxuZ92L54HKqeZ3Ls2z4CWQKqM0xwSR1XiAQ55_v1JMI13JXDB0E2p79OZIqH1wvxX4dImvrRSZ_j-Xfbk07LPg_wkcQ4QF_MnA53SqI5fZSZlY2-EKOg2Djw4P-aD3JZhL5wlHdYUpB_hsf4PQJqBhKqGRoDia5XXEHL6YEZUUgX7PD7KmooPuvma-W5Ca-bcOABOdTqEx1gp0jMeZeNMcUsXHxaSRTJVPi3xun6EEU0P8DHd6dpntet7DsRg64UODy0bYlLJl0AGTw9fMlpYsrGObmI6LaAUnPQEtFaUQSWsQeaVbAVaos6hA1Qv01CeGP8TWHntvG3RzXKx60KvaLPofdhXxv5DZLm8QCtN-f2ISnmpTveV_Wr3vnoJwNyCQRUkpp9kZ3LAfgv7qX2odAJtrvJHwVvHdhiulQsUrKqP8LPFYT9GCj0djrzhvwjg2g5XE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picuki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 204ms
48ms Ping
text/plain 99.83.181.31

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:24 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
72 B 83ms
49ms Ping
text/plain 99.83.181.31

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.picuki.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 07:40:24 GMT
content-length: 0
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1

Domain: fid.agkn.com
URL: https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694

Domain: fid.agkn.com
URL: https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

174 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.picuki.com/	1970-01-20 12:23:31	Name: stpdOrigin Value: {"origin":"direct"}
.picuki.com/	1970-01-20 21:59:30	Name: _ga_D9ZR5E8BN1 Value: GS1.1.1686210010.1.0.1686210010.0.0.0
www.picuki.com/	1970-01-20 13:06:42	Name: _pbjs_userid_consent_data Value: 3524755945110770
.picuki.com/	1970-01-20 21:59:30	Name: _ga Value: GA1.2.1356459163.1686210010
.picuki.com/	1970-01-20 12:24:56	Name: _gid Value: GA1.2.409458181.1686210010
.picuki.com/	1970-01-20 12:23:30	Name: _gat_gtag_UA_153071106_1 Value: 1
.picuki.com/	1970-01-20 12:23:31	Name: __cf_bm Value: _adWv1LLjNJnA1tZt3N9lwZQ1yd5pLtU3RrvMP6zSbE-1686210010-0-ATSDachhbu0yrima87wG1rUfRRJpFnQasenT0JR3lbydRfJ5uD7gb71v6R8n6iNdcA==
.picuki.com/	1970-01-20 12:23:30	Name: lotame_domain_check Value: picuki.com
.criteo.com/	1970-01-20 21:45:06	Name: uid Value: 24dcf996-0278-46a9-bb1f-49e037f69146
.adnxs.com/	1970-01-20 14:33:06	Name: icu Value: ChgIuJJ8EAoYASABKAEw2ouGpAY4AUABSAEQ2ouGpAYYAA..
.adnxs.com/	1970-01-20 14:33:06	Name: uuid2 Value: 2010292523365572458
.openx.net/	1970-01-20 21:09:06	Name: i Value: 6e166fb8-f994-41d0-9aec-833481400205\|1686210010
.picuki.com/	1970-01-20 21:45:06	Name: __gads Value: ID=06ca195b962b2dfc:T=1686210011:RT=1686210011:S=ALNI_MaNlhApAfaJ9ccfRlliU2Y1-i9RBw
.picuki.com/	1970-01-20 21:45:06	Name: __gpi Value: UID=00000c2d4af0531b:T=1686210011:RT=1686210011:S=ALNI_MZ8qSItVfHJGUPpdy3NwekgwhdUSA
.picuki.com/	1970-01-20 21:45:06	Name: cto_bundle Value: 4bhD2F94d2xNR00wVldtVzYzSWdmVmtISjVzR0o3RTklMkJhY1ZhRjl2WkFaTGlWb2VkSHQ3a2hWbzEzWndNSDduVkdEUmdMMTVSUUZXQTZlTWwxcXBWWWE4JTJGJTJCJTJGdTJyQmpMUyUyQmRXMERrb1N0Nk5sa0ptekU4ejFoRkQ2bDFIREd3SXRiRFBYdzh3dVV2MUhhRFV3JTJGJTJGM2t0TCUyRlBRJTNEJTNE
.doubleclick.net/	1970-01-20 21:45:06	Name: IDE Value: AHWqTUnuXHiMdqajzs8AUES0m7AJvlIl7qwQmfo481uItzoNvAMvKg9zm8GcfDSqImY
.agkn.com/	1970-01-20 21:09:06	Name: ab Value: 0001%3AQrgWQ3Z%2B%2FaH20D%2FnBv02DqjrwimLClUz
.bing.com/	1970-01-20 21:45:06	Name: MUID Value: 2BE67E3FB99C6E241C3A6D15B87B6FCA
.picuki.com/	1970-01-20 16:42:42	Name: _pubcid Value: dd440342-4b7d-4c0b-9152-0ed9341d1522
www.picuki.com/	1970-01-20 12:23:33	Name: _lr_retry_request Value: true
www.picuki.com/	1970-01-20 13:06:42	Name: _lr_env_src_ats Value: false
.adnxs.com/	1970-01-20 14:33:06	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GTuLLzrA!@wnf-Te9(>wL5L!!'3:$W%m:
www.picuki.com/	1970-01-20 13:49:54	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-06-08T07%3A40%3A12%22%7D
.rubiconproject.com/	1970-01-20 21:09:06	Name: khaos Value: LIMTWKIL-5-GIAW
.rubiconproject.com/	1970-01-20 21:09:06	Name: audit Value: 1\|naVuGyos1qr/a3L1CQf1VgNb0fGVcfL/XWaA1sYWTLG+SmvwaNDOnqfdrz8Eo+QrTwaw2FbLgj9YcuwTFue3FCL5hAXvaZVpaZ+OBOzUVQw=
.go.sonobi.com/	1970-01-20 13:06:42	Name: __uis Value: 08221a35-5265-4cf1-9668-c7b54ee00d97
.go.sonobi.com/	1970-01-20 12:24:56	Name: _usd_picuki.com Value: f470b2e7-b76c-4f4d-a9fa-8b6a7f9c8fc9
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_tl Value: 3296843075967034943785
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_td Value: 00561ba9-d192-4cd9-aba5-1fb22841ee88
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_mm Value: ab2e645f-8de5-4700-9279-cc7f9d9519d8
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_zt Value: 2810316561606387844
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_yh Value: y-mB12zdFE2uG112bBVGbuefpIwv222PIXcfqnppk-~A
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_pp Value: Zbmwa6vUN331
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_bw Value: c02d6eef-2b75-4fa2-8c8b-7d449de267bc
.go.sonobi.com/	1970-01-20 12:23:30	Name: __uih Value: 1
.go.sonobi.com/	1970-01-20 21:09:06	Name: __uin_z1 Value: 1
.go.sonobi.com/	1970-01-20 12:24:04	Name: __uir_z1 Value: 58734588319541964
.go.sonobi.com/	1970-01-20 12:42:13	Name: __uir_eb Value: 58734588319541964
.bidswitch.net/	1970-01-20 21:09:06	Name: tuuid Value: 395da4e5-7a73-425d-b97d-bc53dd5eb6ea
.bidswitch.net/	1970-01-20 21:09:06	Name: c Value: 1686210012
.bidswitch.net/	1970-01-20 21:09:06	Name: tuuid_lu Value: 1686210012
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s85115\|ZIGF4
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 21:59:30	Name: E Value: AIOxlFouGHXuimNR
.zeotap.com/	1970-01-20 21:09:06	Name: zc Value: 79a64fcc-6cfc-4445-7207-8c3d4a87e46c
.casalemedia.com/	1970-01-20 21:09:06	Name: CMID Value: ZIGF3crsBtBhjTc7KJhXoQAA
.casalemedia.com/	1970-01-20 14:33:06	Name: CMPS Value: 1188
.casalemedia.com/	1970-01-20 14:33:06	Name: CMPRO Value: 1188
prebidserver.pixfuture.com/	1970-01-20 14:33:06	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUlPeGxGb3VHSFh1aW1OUiIsImV4cGlyZXMiOiIyMDIzLTA2LTIyVDA3OjQwOjEzLjg0MjIzODkzMVoifSwiZ3JpZCI6eyJ1aWQiOiIzOTVkYTRlNS03YTczLTQyNWQtYjk3ZC1iYzUzZGQ1ZWI2ZWEiLCJleHBpcmVzIjoiMjAyMy0wNi0yMlQwNzo0MDoxMi45NzQyMjAzMTdaIn19LCJiZGF5IjoiMjAyMy0wNi0wOFQwNzo0MDoxMi45NzQyMDM1OTVaIn0=
.gumgum.com/	1970-01-20 21:09:06	Name: vst Value: e_3669e6a6-26f5-4699-9b14-91acccedbe01
.tapad.com/	1970-01-20 13:49:54	Name: TapAd_TS Value: 1686210013952
.tapad.com/	1970-01-20 13:49:54	Name: TapAd_DID Value: 23792f1e-5155-4657-8295-3ca526e3c4a5
.pubmatic.com/	1970-01-20 21:09:06	Name: KADUSERCOOKIE Value: F1189970-D5EB-4D10-A457-2B376BA0A465
.disqus.com/	1970-01-20 21:09:06	Name: zeta-ssp-user-id Value: ua-b2417b94-1c48-3964-97db-0ba5156b743c
.simpli.fi/	1970-01-20 21:10:32	Name: suid Value: D998252CA44F4710BFAB481463D50A6D
.tapad.com/	1970-01-20 13:49:54	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 16:42:42	Name: demdex Value: 35334879380354041431483445415835073194
.adfarm1.adition.com/	1970-01-20 14:33:06	Name: UserID1 Value: 7242216864319142038
.ads.avads.net/	1970-01-20 21:59:30	Name: av-mid Value: 34a20656-135b-472d-a6d1-d1724b320c30
.ads.avads.net/	1970-01-20 12:26:22	Name: av-tp-bsw Value: 1
cookies.nextmillmedia.com/	1970-01-20 12:33:34	Name: NMUID Value: csuid_038148ae-9f03-4456-a7d3-49f8363efbfe
.weborama.fr/	1970-01-20 21:49:25	Name: AFFICHE_W Value: wdomh95Vw0vB34
www.picuki.com/	1970-01-20 13:06:42	Name: hb_insticator_uid Value: a50d28fe-33b6-43cb-ac18-6287bfb84409
.admanmedia.com/	1970-01-20 21:09:06	Name: admtr Value: 9a2e25f0-20cf-4c77-9dab-195c52e0b736
.prebid.a-mo.net/	1970-01-20 21:09:06	Name: __amc Value: 2_1686210010_1686210014
.yahoo.com/	1970-01-20 21:09:27	Name: A3 Value: d=AQABBN6FgWQCEFOMZjOKGq338Vw3FWBXjjAFEgEBAQHXgmSLZAAAAAAA_eMAAA&S=AQAAAscyD3gtCpSXaA7n5aDD8aE
.dpm.demdex.net/	1970-01-20 16:42:42	Name: dpm Value: 35334879380354041431483445415835073194
.krxd.net/	1970-01-20 16:42:42	Name: _kuid_ Value: PmkSaeTL
.scoota.co/	1970-01-20 21:59:30	Name: tuuid Value: 882165fd-8124-4f91-82f3-530e3c4e40ee
.scoota.co/	1970-01-20 21:59:30	Name: c Value: 1686210014
.scoota.co/	1970-01-20 21:59:30	Name: tuuid_lu Value: 1686210014
.adform.net/	1970-01-20 13:06:42	Name: C Value: 1
.creative-serving.com/	1970-01-20 21:45:06	Name: tuuid Value: 309d29a5-dbf4-4b1f-ae51-a2916d257dd7
.creative-serving.com/	1970-01-20 21:45:06	Name: c Value: 1686210014
.creative-serving.com/	1970-01-20 21:45:06	Name: tuuid_lu Value: 1686210014
.everesttech.net/	1970-01-20 21:09:06	Name: everest_g_v2 Value: g_surferid~ZIGF3gAQJUIl8wAp
.adform.net/	1970-01-20 13:49:54	Name: uid Value: 3774514616463086421
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3dc335d68eb9abba
.richaudience.com/	1970-01-20 14:33:06	Name: avcid-zeo-uid Value: 79a64fcc-6cfc-4445-7207-8c3d4a87e46c
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8519\|ZIGF4
.creativecdn.com/	1970-01-20 21:09:06	Name: ts Value: 1686210014
.creativecdn.com/	1970-01-20 21:09:06	Name: u Value: N7fCtP1YxmCs0rveLB0j
.360yield.com/	1970-01-20 14:33:06	Name: tuuid_lu Value: 1686210014
.360yield.com/	1970-01-20 14:33:06	Name: tuuid Value: 4f83d804-a17a-47e8-9910-870fa15f0259
.fwmrm.net/	1970-01-20 16:42:42	Name: _uid Value: "o280d_7242216864318004516"
.analytics.yahoo.com/	1970-01-20 21:09:06	Name: IDSYNC Value: 18z8~2c3j
.betweendigital.com/	1970-01-20 21:09:06	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 21:09:06	Name: tuuid Value: 9f633271-48a5-529f-8ec7-abbcea462e62
.betweendigital.com/	1970-01-20 21:09:06	Name: ss Value: 1
.quantserve.com/	1970-01-20 21:53:44	Name: mc Value: 648185de-6c705-47edd-0119a
.bidr.io/	1970-01-20 21:52:03	Name: bito Value: AABUJE7JAwwAACKUk8iBSg
.bidr.io/	1970-01-20 21:52:03	Name: bitoIsSecure Value: ok
.adtelligent.com/	1970-01-20 13:52:46	Name: a733849 Value: 2010292523365572458
.csync.loopme.me/	1970-01-20 14:35:58	Name: viewer_token Value: 0ceb9b3a-c2bb-4ee2-ade1-0af155015c3d
.adtelligent.com/	1970-01-20 13:52:46	Name: a307971 Value: AIOxlFouGHXuimNR
.de17a.com/	1970-01-20 21:01:54	Name: guid Value: 1.1231002253622186881
.adsby.bidtheatre.com/	1970-01-20 12:33:34	Name: __kuid Value: 0f88bb8b-5921-4474-8040-9794c72f09a8.455424014
.rfihub.com/	1970-01-20 21:45:06	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFmZGhgYGhiamgJALPdCaMQAAAA
.rfihub.com/	1970-01-20 21:45:06	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrMwNDM2MDUztRDiM9R1yw90SsvLNHF2M0oDAGHANFYlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrMwNDM2MDUztRDiM9R1yw90SsvLNHF2M0oDAGHANFYlAAAA
.technoratimedia.com/	1970-01-20 21:59:30	Name: tads_uid Value: GDPR
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_57 Value: 22776-2010292523365572458&KRTB&23339-2010292523365572458
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_1101 Value: 23040-7242216864319142038&KRTB&23369-7242216864319142038
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_391 Value: 22924-3774514616463086421&KRTB&23263-3774514616463086421&KRTB&23481-3774514616463086421
.betweendigital.com/	1970-01-20 21:09:06	Name: ut Value: ZIGF3gAJDGjia_6FPyJ57ZhVsGUipYNZ1TTP1w==
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_18 Value: 22947-5124322326816305658
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_153 Value: 1923-1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7&KRTB&19420-1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7&KRTB&22979-1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7&KRTB&23462-1vhTu9j5D-_N-gi90PlGvtepD-7N_Fq72a2_o3f7
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_336 Value: 5844-1231002253622186881
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_80 Value: 16514-CAESEOZpGakKsn2VDYyNzP-cro4&KRTB&22987-CAESEOZpGakKsn2VDYyNzP-cro4&KRTB&23025-CAESEOZpGakKsn2VDYyNzP-cro4&KRTB&23386-CAESEOZpGakKsn2VDYyNzP-cro4
.ipredictive.com/	1970-01-20 21:09:06	Name: cu Value: f4f230c0-4d04-4754-9ccb-a366018deb45\|1686210014565
sync.srv.stackadapt.com/	1970-01-20 21:09:06	Name: sa-user-id Value: s%3A0-f3637285-b477-5d23-47ec-f8e0e7db5f30.7dg8Luy%2FdF2SrLlqe56BqNqiuYRUxbbDmsoJ8Tau7XE
sync.srv.stackadapt.com/	1970-01-20 21:09:06	Name: sa-user-id-v2 Value: s%3A82NyhbR3XSNH7Pjg59tfMFD_B2w.6h56y2ZQ5IppI50dzLQWiqRB2cVNPRPL97Z%2BNISnMfk
.srv.stackadapt.com/	1970-01-20 21:09:06	Name: sa-user-id-v2 Value: s%3A82NyhbR3XSNH7Pjg59tfMFD_B2w.6h56y2ZQ5IppI50dzLQWiqRB2cVNPRPL97Z%2BNISnMfk
.outbrain.com/	1970-01-20 14:33:06	Name: obuid Value: 9e2ff6e5-f6f5-457d-9b63-121baead9c84
.adtelligent.com/	1970-01-20 13:52:46	Name: vmuid Value: 6c9c680cf91140a1
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_1305 Value: 23408-F1189970-D5EB-4D10-A457-2B376BA0A465&KRTB&23413-F1189970-D5EB-4D10-A457-2B376BA0A465&KRTB&23479-F1189970-D5EB-4D10-A457-2B376BA0A465
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_860 Value: 16335-82NyhbR3XSNH7Pjg59tfMFD_B2w&KRTB&23334-82NyhbR3XSNH7Pjg59tfMFD_B2w&KRTB&23417-82NyhbR3XSNH7Pjg59tfMFD_B2w&KRTB&23426-82NyhbR3XSNH7Pjg59tfMFD_B2w
.onaudience.com/	1970-01-20 21:09:06	Name: cookie Value: 51b56daa6de101aa
.onaudience.com/	1970-01-20 12:24:56	Name: done_redirects200 Value: 1
.amazon-adsystem.com/	1970-01-20 21:59:30	Name: ad-privacy Value: 0
.adtelligent.com/	1970-01-20 13:52:46	Name: a743293 Value: 3774514616463086421
.console.adtarget.com.tr/	1970-01-20 13:52:46	Name: vmuid Value: 783f5571dd1dbd41
.console.adtarget.com.tr/	1970-01-20 13:52:46	Name: a307080 Value: N7fCtP1YxmCs0rveLB0j
.smartadserver.com/	1970-01-20 21:55:10	Name: pid Value: 3688540480025365657
.smartadserver.com/	1970-01-20 21:55:10	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:10:32	Name: csync Value: 127:AABUJE7JAwwAACKUk8iBSg
.turn.com/	1970-01-20 16:42:42	Name: uid Value: 7058944085178254639
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_27 Value: 16735-uid:48866481-85de-4f00-8fe9-3444e552210b&KRTB&16736-uid:48866481-85de-4f00-8fe9-3444e552210b&KRTB&23019-uid:48866481-85de-4f00-8fe9-3444e552210b&KRTB&23114-uid:48866481-85de-4f00-8fe9-3444e552210b
.amazon-adsystem.com/	1970-01-20 17:21:34	Name: ad-id Value: A_3GIEMJVUvggX_9lgM7rWo
.console.adtarget.com.tr/	1970-01-20 13:52:46	Name: a743408 Value: 4f83d804-a17a-47e8-9910-870fa15f0259
.zeotap.com/	1970-01-20 12:24:56	Name: zsc Value: %04%8E%0A%D64%01%84%D5%A3%93%8B%146x%8E%9CN%E5Dj%EB%CE%08%C0%14%3E5%B8%10%CD%B8Gb%0BD%0A%2FA%FFBbO%DE%7F%BF%1E%40%D7k%24%03%1A7%9E.%F3%D4%93%05%81%3BP%A3W%D3%12%FF%D4%8DLP%E63%03%22S%F3%87%87%93%BE2Ii%A6V%F5Ov%AE%91%FF%8EA%F1%FC%1Abx%C7%16%ABq%C32%F9%C4%AE%DFvht%00%9AS5%EE%AA%3F%95%D1%24G%87%3D%2B%A2%19%FF%D0%3FS%95%96%E5fF%2AU%E0qW%3E%E51%40%9C%82%CF%DD%87%B5%82O%27%B0%DBF%28V7%F3yDy%8A%86%9B%28j%B0
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_409 Value: 22966-uroLIz3lVbhVUQggUQnbabgg
.audrte.com/	1970-01-20 12:45:06	Name: arcki2 Value: 65aMom0gQ2sTiS0YOrLz4VeYA!20220908!1686210014774!ip#80.255.7.108
.audrte.com/	1970-01-20 12:45:06	Name: arcki2_pubmatic Value: F1189970-D5EB-4D10-A457-2B376BA0A465!20220908!1686210014777
.spotim.market/	1970-01-20 13:52:46	Name: vmuid Value: 9dc3a375a1cf0dc5
.spotim.market/	1970-01-20 13:52:46	Name: a323548 Value: 2010292523365572458
.mathtag.com/	1970-01-20 21:49:25	Name: uuid Value: 829f6481-85de-4c00-be7d-06d6e712ce7d
.linkedin.com/	1970-01-20 21:09:06	Name: bcookie Value: "v=2&8cdaeb81-7ded-482b-84e9-1cddd7749a07"
.linkedin.com/	1970-01-20 16:42:42	Name: li_gc Value: MTswOzE2ODYyMTAwMTQ7MjswMjGQDlqrXRCCsZ+hYN+OWP3zFq5dTRZh9TipDUK6/p3q6A==
.linkedin.com/	1970-01-20 12:24:56	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2538:u=1:x=1:i=1686210014:t=1686296414:v=2:sig=AQEDLfOrONeeWJH57f4eQ-pbb40zcsox"
pool.admedo.com/	1970-01-20 21:09:06	Name: tuuid Value: 2d70351a-f4af-4822-b3c9-9f8c985a601d
pool.admedo.com/	1970-01-20 21:09:06	Name: c Value: 1686210014
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_22 Value: 14911-7058944085178254639&KRTB&23150-7058944085178254639
ads.avct.cloud/	1970-01-20 21:09:06	Name: uuid Value: eb8be46f-aed6-4dc4-aa9d-aa40b5263471
.console.adtarget.com.tr/	1970-01-20 13:52:46	Name: a307457 Value: 3774514616463086421
.console.adtarget.com.tr/	1970-01-20 13:52:46	Name: a743845 Value: 3774514616463086421
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_699 Value: 22727-AABUJE7JAwwAACKUk8iBSg
.gammaplatform.com/	1970-01-20 12:24:56	Name: _aGeoIp Value: US\|Bronx
.gammaplatform.com/	1970-01-20 21:59:30	Name: _aUID Value: 16yp2tak7zyl
pool.admedo.com/	1970-01-20 21:09:06	Name: tuuid_lu Value: 1686210015
.ctnsnet.com/	1970-01-20 21:09:06	Name: cid Value: 9f23cfbe9609412eb598ef1193740aa0
.adtelligent.com/	1970-01-20 13:52:46	Name: a318342 Value: 783f5571dd1dbd41
.as.ck-ie.com/	1970-01-20 12:33:34	Name: CID Value: 066538cd373d2e17a00c8f1203e4b46d6d2df7e5
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_1310 Value: 23431-16yp2tak7zyl&KRTB&23446-16yp2tak7zyl&KRTB&23465-16yp2tak7zyl
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_466 Value: 16530-395da4e5-7a73-425d-b97d-bc53dd5eb6ea
.quantserve.com/	1970-01-20 14:33:06	Name: d Value: EJUBFwGXKfijC_vLEL7iAA
.audrte.com/	1970-01-20 12:45:06	Name: arcki2_ddp2 Value: 65aMom0gQ2sTiS0YOrLz4VeYA!20220908!1686210015340
.audrte.com/	1970-01-20 12:45:06	Name: arcki2_adform Value: 3774514616463086421!20220908!1686210015549
.pubmatic.com/	1970-01-20 14:33:06	Name: DPSync3 Value: 1687392000%3A226_219_197_245_241_235_201_227
.pubmatic.com/	1970-01-20 14:33:06	Name: SyncRTB3 Value: 1691366400%3A69%7C1687478400%3A35%7C1687392000%3A166_254_88_249_56_71_46_99_220_13_214_234_238_165_251_3_233_81_204_8_7_54_22_21_161_55_176_243%7C1688774400%3A203%7C1687046400%3A63%7C1686787200%3A2_15_223
.pubmatic.com/	1970-01-20 14:33:06	Name: chkChromeAb67Sec Value: 3
.ads.pubmatic.com/	1970-01-20 12:24:56	Name: pubsyncexp Value: 1686231617121
ads.playground.xyz/	1970-01-20 12:33:31	Name: connect.sid Value: s%3A7CRpCEavTdh4OxFGtUyF1RfU-iF6W_xa.h0P08fI2s%2BXhUt0w77rtU7hzZ4IiXzoDj8l%2B8r1Nhw0
.onaudience.com/	1970-01-20 12:24:56	Name: done_redirects147 Value: 1
.1rx.io/	1970-01-20 21:09:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-066a66fc-e29c-4985-983a-818a7e1795f8-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/	1970-01-20 21:09:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-066a66fc-e29c-4985-983a-818a7e1795f8-003%22%7D
.pubmatic.com/	1970-01-20 13:06:42	Name: KRTBCOOKIE_594 Value: 17105-RX-066a66fc-e29c-4985-983a-818a7e1795f8-003&KRTB&17107-RX-066a66fc-e29c-4985-983a-818a7e1795f8-003
.pubmatic.com/	1970-01-20 13:06:42	Name: PugT Value: 1686210017
.tribalfusion.com/	1970-01-20 14:33:06	Name: ANON_ID Value: aWnseFujieEo7YxU36h35ZaLtB0vQ8LDMLKXEmgfGolCEIZdYTnqIdsrxZaHQcyyJr7LKOBnX1eiHPTXAqtchVW
.semasio.net/	1970-01-20 21:09:06	Name: SEUNCY Value: 5D388948A8A24DE8
.adtelligent.com/	1970-01-20 13:52:46	Name: a281178 Value: F1189970-D5EB-4D10-A457-2B376BA0A465
.adtelligent.com/	1970-01-20 13:52:46	Name: a558003 Value: F1189970-D5EB-4D10-A457-2B376BA0A465
.adxpremium.services/	1970-01-20 14:33:06	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMzc3NDUxNDYxNjQ2MzA4NjQyMSIsImV4cGlyZXMiOiIyMDIzLTA2LTIyVDA5OjQwOjE2LjA4OTkzODQ5KzAyOjAwIn0sIml4Ijp7InVpZCI6IlpJR0YzY3JzQnRCaGpUYzdLSmhYb1FBQVx1MDAyNjExODgiLCJleHBpcmVzIjoiMjAyMy0wNi0yMlQwOTo0MDoxNS43NDkxODY5MjUrMDI6MDAifSwicHVibWF0aWMiOnsidWlkIjoiRjExODk5NzAtRDVFQi00RDEwLUE0NTctMkIzNzZCQTBBNDY1IiwiZXhwaXJlcyI6IjIwMjMtMDYtMjJUMDk6NDA6MTguODYxNjMxOTYxKzAyOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiIyNzdlOTNkNDU2YzE5YjkzM2NhYjIxMTYwOWFjMzg4MGQyZmNhNjIzY2RhOTk2ZmEyNDQ4OTg1OTczYjg3YzM2IiwiZXhwaXJlcyI6IjIwMjMtMDYtMjJUMDk6NDA6MTUuMjMzNzA3OTkzKzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wNi0wOFQwOTo0MDoxNS4yMzM3MDc2MzQrMDI6MDAifQ==
.pubmatic.com/	1970-01-20 13:06:42	Name: SPugT Value: 1686191676

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.picuki.com/profile/rudy_israel Message: Access to XMLHttpRequest at 'https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1' from origin 'https://www.picuki.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1 Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://tagan.adlightning.com/setupad/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.picuki.com/profile/rudy_israel Message: Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel' from origin 'https://www.picuki.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.picuki.com/profile/rudy_israel Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://www.picuki.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.picuki.com/profile/rudy_israel Message: Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel' from origin 'https://www.picuki.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.7.108&r=https%3A%2F%2Fwww.picuki.com%2Fprofile%2Frudy_israel Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6ba0c5d9-c240-4ffd-510b-0571de52e190&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=719ef7d6c453fa93 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=39c147d2-4c37-47cb-7311-d54e4abb00b8&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F1189970-D5EB-4D10-A457-2B376BA0A465&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=6ba0c5d9-c240-4ffd-510b-0571de52e190&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6ba0c5d9-c240-4ffd-510b-0571de52e190&reqId=c47aa08c-9212-4698-65a7-5ec66f6dc2a1&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=d1750281-8e96-4b45-64fd-e93f08f1e1c8&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=79a64fcc-6cfc-4445-7207-8c3d4a87e46c&reqId=561114f0-056f-4902-6c2b-d25d22d55e81&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_a01540c4-6b8d-441e-aa49-6451ca6fa1fc&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_3669e6a6-26f5-4699-9b14-91acccedbe01&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.avads.net
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adx.adform.net
adxbid.info
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.purpleads.io
api.rlcdn.com
as.ck-ie.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
b24aa2873adffce44e55e180d9ae3331.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
bs.yandex.ru
btlr.sharethrough.com
buttons-config.sharethis.com
c1.adform.net
casale-match.dotomi.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pixfuture.com
cdn.prod.uidapi.com
cdn.prplads.com
cdn.pubfuture-ad.com
cdn1.picuki.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect-metrics-collector.s-onetag.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
ex.ingage.tech
explorads-prebid.smart-hub.io
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
ib.3lift.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.3lift.com
invstatic101.creativecdn.com
ip2geo.pubfuture-ad.com
ipac.ctnsnet.com
l.sharethis.com
loadeu.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixfuture2-d.openx.net
platform-api.sharethis.com
platform-cdn.sharethis.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid-stag.setupad.net
prebid.a-mo.net
prebid.admanmedia.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s3.pubfuture.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
vpaid.vidoomy.com
web.hb.ad.cpe.dotomi.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.picuki.com
x.bidswitch.net
api.rlcdn.com
fid.agkn.com
tag.1rx.io
108.138.36.2
108.138.36.81
134.122.57.34
135.125.163.79
137.184.242.150
141.226.228.48
141.94.171.214
141.94.171.216
141.95.172.216
142.250.181.226
142.250.185.66
142.250.186.130
147.75.84.158
151.1.205.165
151.101.2.49
159.89.25.223
161.35.253.218
162.19.138.119
162.55.120.196
168.119.146.39
172.67.68.160
172.67.68.162
178.250.1.11
178.250.7.11
18.156.109.169
18.194.199.66
18.198.126.47
18.66.112.32
18.66.147.119
18.66.192.107
18.66.97.112
18.66.97.37
184.24.77.72
185.106.140.18
185.15.245.83
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.191.210
185.80.39.216
185.86.138.151
185.86.139.102
188.42.34.65
193.0.160.130
193.3.178.2
193.3.178.3
195.5.165.20
2.17.187.27
2001:4860:4802:32::36
202.241.208.54
205.234.175.175
208.93.169.131
212.82.100.182
213.155.156.168
213.19.147.44
213.227.153.223
216.52.2.91
23.212.89.151
23.227.139.243
23.32.184.192
23.37.42.132
23.52.120.27
23.52.122.195
23.56.202.187
2600:1f16:e61:3f02:8513:7dd7:332b:6625
2600:9000:206f:a000:c:abe:f440:93a1
2600:9000:223d:ce00:a:e047:753:be1
2600:9000:225b:e800:1d:85c3:6640:93a1
2602:803:c003:200::21
2602:803:c003:200::57
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::ac43:266a
2606:4700:10::ac43:2954
2606:4700:10::ac43:db6
2606:4700:20::681a:333
2606:4700:20::681a:61
2606:4700:20::681a:744
2606:4700:20::681a:9a9
2606:4700:20::681a:e7e
2606:4700:20::ac43:4615
2606:4700:3035::6815:23e9
2606:4700::6810:3965
2606:4700::6812:19ad
2606:4700::6812:1f31
2606:4700::6812:372
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:3500:1b::1724:a398
2a02:6b8::90
2a02:6ea0:c700::10
2a02:fa8:8806:12::1460
2a02:fa8:8806:16::1370
2a04:4e42:200::300
2a04:4e42:600::485
2a05:d018:24:b001:3bf0:9c53:4cdb:1436
2a05:d018:d29:3602:51a:42ee:38f7:77d0
2a06:8640:799:0:ec4:7aff:fe6e:a48e
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
2a0c:5c81:5145::2
3.124.103.237
3.217.213.80
3.33.220.150
3.64.110.9
3.71.149.231
3.73.198.78
3.93.228.142
34.102.146.192
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.120.135.53
34.120.63.153
34.160.236.64
34.205.5.140
34.248.236.176
34.96.70.87
34.98.64.218
35.157.14.121
35.171.239.119
35.186.193.173
35.186.253.211
35.190.39.111
35.204.74.118
35.205.207.25
35.210.53.219
35.214.181.34
37.157.4.29
37.157.6.254
37.252.172.123
37.252.173.215
46.228.164.11
5.196.111.65
50.16.251.137
50.31.142.63
51.89.9.253
52.210.15.1
52.211.158.177
52.214.36.213
52.220.229.2
52.31.201.132
52.31.88.82
52.46.143.56
52.48.144.60
52.51.107.69
52.57.54.7
52.58.4.68
54.211.72.252
54.217.89.185
54.228.185.250
54.228.73.172
54.77.159.209
54.84.97.211
64.202.112.31
65.9.66.122
67.202.105.33
67.220.226.238
69.166.1.10
69.166.1.14
69.173.144.138
69.173.144.139
69.173.144.165
72.246.169.24
72.251.245.181
74.121.143.240
76.223.111.18
77.243.51.121
77.245.57.72
8.18.47.7
8.2.109.53
8.2.110.113
8.2.110.24
8.2.111.13
80.77.87.128
80.77.87.161
85.114.159.118
98.98.134.241
98.98.134.242
99.83.181.31
99.84.88.82
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
02cd2895a20078424998934cb2aa6268c4090e1faaac7016c41239385db5500d
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
042cbbbb8a7f99d55043ecb57f1af4750d16ac5363f76a5e2b4c70e1470230b5
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
060c711223dd19b13b57e28968bcd6de991e69edf48b2463f991709089e2bdad
06a2ce7c795b000d1b600bb19c547e16e80f58fc76e8c8b6311d00a8479202a1
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08335652ca9474daca89a71e6cf534c7608a77a16af86bf56d1e63e764085b88
08375cdc46e0a577ddc945eea319f931af6ac662015738956b7e3f6463a08161
0922db680b6951385301ea921f64357700c286ed20d1a16beaf95ee8486d1b43
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2
10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10
1214b9d9e53bee3269cb3021103388c665436f0f9ac93a4a301483971229879d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
141f535a9b0a37099a9b96e55922d90ee995382988944b82c33db7fd9bee291a
1571f74757712a610aa10ccabb6ef6cace5c9bcea340073fc946b469b05a8970
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
181b2157b0d510139ce5a2a65a5cfc21eb0c894ac4f526aca0e1691c995b841e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
191c02f79afccaef66e4309f04edab1b0c10c636f07a79bd1147122144bcbf44
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1c88e9455f9cdeafe92705e42599b0e9acb1470f8a442b0947c784d99cacf9d9
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95
1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6
1e7dac83c7972ac2575a56427710edcd1406a0e2a3f219f99c16ac08b9f8d1d3
20146d1e7c5fa2da9f32974691d13a0ae71741e0cabaad0b3b566c3a8f54b0a8
216f533805929fff10f7f5a77658ffc3d27e400be31f4aced7c6f40b427ccdaa
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
23401528f492f6bfa62f707c9ae35d94e3f3b34a2865d7761422f9ae1d5cd2af
2426b4723bc4904e04c6b253da5bd3096f6d2e294b4999ad22c7bbbef0e85591
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
283f4f0f1e57dd6bdab5321af3abf0bfc486de6ec2e3d565971313fd5af986c9
286a5fc75a6ebfd285c7585b3a4b97da3f61dad373b72595a622cca68718e03f
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
29b1a1d10f87a90e92aacc387bc24c24c6ccea4d702676b37b9b8cd87fff189c
2a8ea770f8f8aaeeef42de4c5382cfa282da181bf50da0724ee08dde94a26f1a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b505b9bb344970bfb6458f5519cd2a408cfb72c1a345700164c837e17f2a79e
2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb
2cbe49b6a8bbe04b360ed7b011e74516a36d118a3a03d2f9595747e316f113e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e094b10a38f4a8bd2e1b7b98e0e4e3e9c8a7202c0ccd111f3d0e4ad20b7fa53
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f88ee37a411945bda0eab92ae5c6de1030a95568a3e4015cfa8ab4a57cdfdc8
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3122df7910843fb514ae21081c9d2385a7b7eeb1013b03e817cc4aeea6f51765
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
34c3405d6ce5339506d346af0efdd6fc24c7b220fd969ae0ad2b2a852448654e
351c9f0cdb13e4a17c1fae2c05a4b21111f1f78785b2da29b2dc03b10ef7c613
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3722a2dca1b5a2689ef3e58cd8cba9a884533d83772a3695780215e761241bb6
375d70bfc36dfb08360c5b1efc7c09ed21884ff9da1c16416f6c9956abcd21bd
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d656daaa0fa5c4427e17ffc70db286ce4a4538a380ed36e8bd7ea0a05ebac89
3e0eee7b1d72692e66abf92dd915509aa6132737cf324f50ed32db0f76042bfe
3e1bb5f844aed425ea2db4d5186accd6eff6898152edfe13eca5bc4ada23dfcd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4125d5df4cb6c3ed55f1992484aa69bf99b74d947ade67de8fc7fc05139e1254
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
464082a18d12427498d9c87bd6e6af4887ee89b345253038f5ef3ebea7c6145c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f24fd8734ee6889d1350251cb339eb30ec571740d156410f36b8134d0f9c8d
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42
4a9fe251312509a9e218ffb5bd8e813145b3363a7ee9212d6875a1efc9c15aa2
4b4aa1d5474097fdf9630085daa177eca372e5cbb48086b20937b6eee37c698d
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52075c311641f54fee9e155b218f6cc30fc5aeb88d875f3238a6bce71d081584
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549a5835347371afdcaeb8e3e8a05a6c28a8fff76586fc74041ac11b144c0426
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c93ac373b05dd1a575559cf73865d72fd66f34ecb25d05d223833932e03977
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5b1b9309069093cfcbad3cf91aa853039ddf8a530a95b6013df288e539c1502d
5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5de0285ce05af31f7a51be00b51f24a71fa46a7bee8925b051ff8e747b719560
5e46986cfdb3f1078447233580b81e9b94691affb6da87bd3c9bc45dfb98e5f0
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
5fd8e81509e59424298dd90d6dfc891b594b87a0b7681ceed3ba349b9def753c
600aeed14460b511cf9bcf9be6aad5badd5df2929d6a9239f8080371974d3afb
60660fac989086e0e444b0059abf5ac5e04a4237771bc4ef49b6664c4b1835be
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62907b530c3d79e6025bc59bd87e2cdafa37a77b08eda15b5c0a7ec4a4c3646c
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81
650645ea331d5a0fc0f225cb9a170447bb624948c6aa5ffe1bdb2c0d82f93579
657dcdddbdb31f6168f63dd60ccab9ce87e5c687342e5431fc8d9a0e819c0519
65abde757ae4c3d5a81be9711da96807096dafff92268e5998b808786bef85ac
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68ee8b4c9ee17335351b84ac06cb72a2b26da89f33aa86f62dbd6780b017ee30
69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860
69d07556b8856f7587d3b325d827ed05b095933c25fc388f35964e7f0dbda610
69f2ffffca046bf2fa8c90854002460047a8832e12d9b54075587004ac7a3886
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6adcb5a4228db56fe8b22d0ef9dd538b16da2b7223965eae4f9c4a2a855b0ec4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25
6e1f39c711346d9be1bddfe27ee605314b1d366577e565cd11d19c11e9aa753e
6f6e284d4b297045ba38e8edcf387aa6ac7a8cf022006457858e0942b329097b
7032bb2a43b0bcba971bb00932c4917c360f369ddc26534cddf41172ac39a896
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b15bb793edabe71c15064ea60c9bba066eb74935487b784f29d69ad6638be4
738c44f3dcedae37e973047211f1c9992695a71e710e433bec10f2d0278d8b4d
73de5d701f66c7e36612a1c33253d297ff03d59ac9b132531720ad59593f2fc6
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
786f73b07a61952916f4cc4feefbb108ab7e32e42476f6a408b2c5c6358e4817
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
78f0009642758b885fc75fb07d7ac63db0a32c14a61992c8d1964c235fbc1316
7a2af4d72a651950413c444e8ecc6da7c6558bbadebf7535b079505bdbbe8c73
7a89d902b3fc8e6e58487efd529cd7dfde6f6bffe7263015e5aa7ff639ca7694
7aabad4f39f20b7b1133a4b537dcdec45083712642462d8a6c4ab761de91946e
7af7adebf7aa976a359422998a621b90b8a46a16f5373c05064c6184887a2872
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7c9ea4050ed8821dfd43139cef538b38d29e15e237dd0fdc7293b1e15cf2505d
7dda27a21d2cab5ef52a86f04ce507219dda8ab16bf52f19de0000673f9e5055
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e677e4ae5d4bf2dfa8304d03888bf6c7304dc3dfec6cb1d5c29fa2273328857
7e76c98088b3e894f10637cf75b895990311ef9243ddd9804f067b54f72369b9
7e8032445e68301bb2e3ff634f39a0c42f9f19b8b16a79831067054e6f7720a4
8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8353d483c0ce87da93fb48b63641219255974263cd8c35bf97dc555d222212a1
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
8672124d47e1720f56e9506adb80f75e880024eef8eeff01af426aa0d44f6b56
8b810f1d6c9c09f151e83b74626ee412411683ef6c247520f049d2bacadf5db9
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92
8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8e8d1b84d90889ff0de395c4837ca2affef95d29e82b9b0f2253d75bfb20c240
8ee395b358a3541aab810e49c3848842b46f62de07981079da3b98ef3e21d84b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92813fc83e52b2ebc494465b144483d07e7552fc936261292c1ffa977d0118f3
92d8d6834b3b0c9f8cfaeed2b4f304254ab61a46240612a18bd5eb120c25b8a9
941c63db5ac79fd4fb0c12b1df304c1ef103763b3a246a22a6c985c2a51a2df8
94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98a8b7a18e13ec8637b1d3b4b251ab8aa463bb729516edc2dc3fb5f6f5ede91c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a66c87f217ace1676cc9bddaf809ffdc65f4accb691270d4a8c85c942fd9c98
9b4e67b5af3df566b6dffbb0fe53615be9ad13f80af74a3b1824620b56f71051
9b73972f3c2015e1efa58ab9d4641d6261f4d59a5f32ac1375a9f63f1bdd9044
a0391aa9568c39968f3449757e35ca11be6a0b0f528f7cb5d9afa179d59f51e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2313a8caff0f28e51483dcc3ebbedb852aba3a8fc315e3e23715376302c4530
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a602a3ef446af77c84c0a2703ed232ae87b191a438b6f754691f05ea53640543
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a772cd8843fbb552bbefb5407195efebc73307d159d1914e9aea45eb76510174
a8f15d7e3248b85bd89d7ed891e065f97cb7daa7a5d064593dfabb7117359f82
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
af34801805c5272046b85ca11e3903115878ce888aa1d9aae390e4fa60506c86
af46bfc9d699a83ae8aeb7257b3f01302776ac050a83339474a5cb78c44f7eda
b01b9768a1c70eb6bb53b43e4e2b4d95637914be5308297aeb05d6fdec9e85c2
b0a585ffc56c640df80dbc13b94613a571ae899a21c14de7489322a7a4696cb5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bbcbe855eb69dbca752b0ccfdbf8d9015f37906a46763ac3aa8e54279de3c2
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4f3e6ecda07bad63ba069fab25e9668723129857ac17b722fd9ed4d430f2f0b
b4ffb2d8aea23208a28fcbf536efad1f0553619e3dadab7f3d68213a52aa57db
b52a8fbe42adbf76a7913564e0ed4591fd6352c4fb356c0040c80125b0dfb5c5
b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd22e5f82e8b3af4ce795195e8bd906dcf46345292aa2e9e2e8a9e175d2d048f
be3b1ca3a392481d33d0571a701e9c49349a63cbf94b5b5455f8378740fd8ac1
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c1e99246f2311da26759ec1a15fd7b4ce66810d9cc15812c56356fb8e0ad3125
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d093a8b29c0692ee394e2460f3cbec9609939483301e6c1b78a2c9e0336cc0
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c389e9de7f204cae211974287123083e2f552b283238fa5f0c77ed6a92d07127
c59a487b27a2c9249442a1baf5e4a49dd83e66223ca7fe7fb38afd56f44afecf
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
cb2e82355927b12155d9455aa6b5cca86252379428cd8cde028a282bee334e38
cb617b10a79ec4d66602780648c21213134061f0706dbc683c09c56e1fce21b6
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cd12ca05d709dd0b3c2311b4769f62a34acce283c3c41d90683f31d10f901508
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e
cf2c52786322f91f1cb6f72fd654b9836e3e221887ba95f174d66fc030a7a977
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d299789f710047a8621557f56d8023c4baf9093387e18c83165ae1fdc48f6d1d
d34e0dd2981fe75a6d2367d361cc6c809ea53def8a505aa297562258c3e8114f
d36efd703746975255c0c39798c9a1f6af8fe05bb251f10f272a0a5899895f41
d878317c914e200c9207ada2120a4ba768e1ff623ffbb1f3285e40e8bc427af8
d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9
d9710137633935670cbc61edffeb037b58991b5ce4004bb6e8376d9ee104bbac
dc094e0d8fee5b941e182b83fea4c5663bbeaae3e8cec5838dcdd85fa73dd52e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed
e26295dc80fbef5694a3fb508233ea40e6f84cde70e6aad7351312cbf3befd10
e290af9c92da520199583b6f272baac3b7d612d951cce95a71b59a421e67d194
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e7dc2f4147576fc4ab42c7adcc24f49130ef3af15728075dc1eb6f5f3fe57f
e547039b0ccff6e54f10b2f47d587febe1425133aade331f0b397a8d5e2f0bd6
e591140282de216623d2f7873b527f837606305ae597fb3ea3040ead240f384d
e649b7248c6654b2f9b8fbd1de068ac6ea88568a2a9f4e27c61de53db44ad0ac
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e99637cc812b1a2d3322547fc6a30f96614121d497b28cba1fedd92eeaeded67
ea43af75a38f729cdf36f0ea31e0903f00d24bc2f84f7274d13a2094f4fef5c1
ebe50d0db7b31a6fd68843827f50f1e6e4f960e5506ffbcf11867362d2e5b183
ebf690a3dbb1cc85abbe0da33b0d4d3431873e69c97ead84ee79f1cef173fcba
eda395333e0d95ada41d7d39728123ac83269346b564641790417bdd0ff9404a
eed718871adc30ae0f77245540b4d10df97057e100f18a88e46cd6bc3ece060b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f086e62a5ad212baa7d002ca0ec5611e2b1cf8ad5689d213aab9e14dfc844012
f221adec10d37c10bb6e652f396f6918221183972ee951efe36da2ab9fd37387
f225637a1bf45e162a500b29cfe8971759957b7881bff5b16c074f6f291f570d
f386b57b9e1bb57870aa29a9dbe60e3e2d05999e470166453ee906b16a6903ba
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f6183f3532ebf27b9ad22503d9365fb4789d9522563316eab7e20723062ac4ad
f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15
f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09
fb7862c8ef0a05693595930dd537fb67eb33ec85bfa75ff4cc3c8f5e55ecbbc2
fbb0bbadd603de28104770b585ed6066942f1fc7b0f934865cd4bf28d7a51d4d
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.picuki.com Open in urlscan Pro 172.67.68.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

752 Requests

80 %HTTPS

27 %IPv6

133 Domains

228 Subdomains

158 IPs

16 Countries

8066 kBTransfer

13182 kBSize

174 Cookies

13 Outgoing links

Redirected requests

752 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.picuki.com Open in urlscan Pro
172.67.68.160 Public Scan

Screenshot
Live screenshot

Full Image

752
Requests

80 %
HTTPS

27 %
IPv6

133
Domains

228
Subdomains

158
IPs

16
Countries

8066 kB
Transfer

13182 kB
Size

174
Cookies

752 HTTP transactions
1 data transactions