player.tubia.com Open in urlscan Pro
2606:4700:21::681b:c358 Public Scan

URL:
http://player.tubia.com/
Submission: On August 20 via manual (August 20th 2021, 11:32:50 am UTC) from MO

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 31 domains to perform 65 HTTP transactions. The main IP is 2606:4700:21::681b:c358, located in United States and belongs to CLOUDFLARENET, US. The main domain is player.tubia.com.

This is the only time player.tubia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.96.5 13.224.96.5	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3034::6815:5192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:9a00:4:cd76:8580:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.18.12.237 52.18.12.237	16509 (AMAZON-02) (AMAZON-02)
9 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	52.215.67.233 52.215.67.233	16509 (AMAZON-02) (AMAZON-02)
1	107.21.238.20 107.21.238.20	14618 (AMAZON-AES) (AMAZON-AES)
1	18.158.92.16 18.158.92.16	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	52.28.122.36 52.28.122.36	16509 (AMAZON-02) (AMAZON-02)
4 7	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2 11	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
4 4	3.121.111.29 3.121.111.29	16509 (AMAZON-02) (AMAZON-02)
2 2	18.196.123.190 18.196.123.190	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
65	34

4 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

player.tubia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.tubia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

cdn.tubia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-5.zrh50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:5192 (United States)

ASN13335 (CLOUDFLARENET, US)

ana.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.226.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:9a00:4:cd76:8580:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.12.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.215.67.233 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.238.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-238-20.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.92.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.122.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-122-36.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.250 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

funtomic-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.111.29 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-111-29.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.123.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-123-190.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	doubleclick.net 9 redirects cm.g.doubleclick.net securepubads.g.doubleclick.net	118 KB
12	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com	25 KB
11	openx.net 2 redirects funtomic-d.openx.net eu-u.openx.net us-u.openx.net	3 KB
10	adnxs.com 6 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	25 KB
7	tubia.com player.tubia.com cdn.tubia.com api.tubia.com	765 KB
6	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net id.crwdcntrl.net	15 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	bidr.io 4 redirects match.prod.bidr.io	3 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
2	exelator.com 2 redirects loada.exelator.com	3 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	360yield.com ice.360yield.com	1 KB
2	improvedigital.com hb.improvedigital.com	153 KB
2	headerlift.com ana.headerlift.com pub.headerlift.com	2 KB
1	yahoo.com pr-bh.ybp.yahoo.com	839 B
1	simpli.fi um.simpli.fi	609 B
1	quantserve.com 1 redirects pixel.quantserve.com	499 B
1	googletagservices.com www.googletagservices.com	25 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	agkn.com aa.agkn.com	412 B
1	thrtle.com thrtle.com
1	bluekai.com tags.bluekai.com	304 B
1	google-analytics.com www.google-analytics.com	19 KB
1	google.com.tr adservice.google.com.tr
1	googleapis.com imasdk.googleapis.com	119 KB
65	31

	Domain	Requested by
11	cm.g.doubleclick.net	9 redirects bcp.crwdcntrl.net eu-u.openx.net
7	eu-u.openx.net	2 redirects hb.improvedigital.com eu-u.openx.net
7	ib.adnxs.com	4 redirects hb.improvedigital.com acdn.adnxs.com
5	match.prod.bidr.io	4 redirects eu-u.openx.net
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	x.bidswitch.net	4 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	match.adsrvr.org	2 redirects eu-u.openx.net
3	sync.mathtag.com	3 redirects
3	us-u.openx.net	eu-u.openx.net
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
3	cdn.tubia.com	player.tubia.com
3	player.tubia.com	player.tubia.com
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	pm.w55c.net	2 redirects
2	ads.pubmatic.com	hb.improvedigital.com ads.pubmatic.com
2	ice.360yield.com	hb.improvedigital.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	secure.adnxs.com	2 redirects
2	hb.improvedigital.com	player.tubia.com hb.improvedigital.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	acdn.adnxs.com	hb.improvedigital.com
1	hbopenbid.pubmatic.com	hb.improvedigital.com
1	funtomic-d.openx.net	hb.improvedigital.com
1	id.crwdcntrl.net	hb.improvedigital.com
1	www.googletagservices.com	hb.improvedigital.com
1	cdn.jsdelivr.net	hb.improvedigital.com
1	aa.agkn.com	bcp.crwdcntrl.net
1	thrtle.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	sync.crwdcntrl.net	bcp.crwdcntrl.net
1	pub.headerlift.com	hb.improvedigital.com
1	ana.headerlift.com	player.tubia.com
1	tags.crwdcntrl.net	player.tubia.com
1	www.google-analytics.com	player.tubia.com
1	api.tubia.com	player.tubia.com
1	adservice.google.com.tr	player.tubia.com
1	imasdk.googleapis.com	player.tubia.com
65	49

This site contains no links.

Subject Issuer	Validity	Valid
*.tubia.com Amazon	`2021-03-26` - `2022-04-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com.tr GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
improvedigital.com Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.360yield.com Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh

This page contains 8 frames:

Primary Page: http://player.tubia.com/
Frame ID: 4A99DE42D131CD41DD467AD69BE730BD
Requests: 26 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Frame ID: CAA863B2F6FA996F64CCE761F35FBC5C
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Frame ID: 7E41F942B8D1D3502F9D59E044F13B4B
Requests: 13 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Frame ID: E9C83AA500B5083102EF207FC421E292
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C061AAB33895E9D1BF32EF570462BDFB
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8A73008D-7EE6-44FD-92D7-C3A5070FF82D
Frame ID: 35BEFBD5571A8C3A3B6D2BAC9B5494C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924
Frame ID: 76F357209738E61E7D472F84579C39D8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 61FDFA95063B9D1D789CE7BEB9316FFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tubia

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

65
Requests

92 %
HTTPS

24 %
IPv6

31
Domains

49
Subdomains

34
IPs

9
Countries

1269 kB
Transfer

3339 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://bcp.crwdcntrl.net/5/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr

Request Chain 14

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=716618270%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D716618270%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=716618270/tpid=5940118447309495634/tp=ANXS

Request Chain 15

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE&google_tc=

Request Chain 17

https://match.prod.bidr.io/cookie-sync/lotame HTTP 303
https://match.prod.bidr.io/cookie-sync/lotame?_bee_ppp=1 HTTP 303
https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADrcU7CPyYAACD4QP8nsQ

Request Chain 23

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fplayer.tubia.com%2F&domain=player.tubia.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=pgHsY3xJNUJVM0xSRldIb2wxSkIyMlVRSjI5SVhIL1pweU5HWHpyMkwvQ3BhTHZSaWFWdGhocGl2VDhqcUp1SUdEbmRKeCt4YlljZUpZL1hwbEh6Mkp0YzgvTkFtZ0FTVEx0dmFmODFIOGhkaXEzaWlScTN6WnRWa2J5bS9jZzJaWThtbk1odjZLc1RQL0RwY21ZQnVwMVo4ZFd0M1IzSHY5bWRzUHZmeWNtSldCaW9hRmp1T0FkR0dSTlV2clhFNTVYS1RxSnRnWXh4bTJPdE9mR3R2TStxRU9WejFTK1plVDk5bHY4THVWdDRncWdvPXw&cppv=2

Request Chain 35

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1

Request Chain 37

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GxnSgSUF1Mh2Li5

Request Chain 38

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=ba301b43-ec27-4592-a71b-f8cd5a379638 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=ba301b43-ec27-4592-a71b-f8cd5a379638 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5e9f85bf-f2a1-4cb5-8d00-42f127ffdcbb&ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=250&expires=14&user_id=5e9f85bf-f2a1-4cb5-8d00-42f127ffdcbb&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=1bfd916a-0d0d-4fb2-a6fc-da57da1dcfb5

Request Chain 39

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1031495479282648805 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072399&val=1031495479282648805

Request Chain 40

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQjZFN0NQeVlBQUJ5VzNuWU9TQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQjZFN0NQeVlBQUJ5VzNuWU9TQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 41

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8538611f-92d4-4300-8e66-1944a870f15d

Request Chain 42

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dFxSZntfBzNvC1IyI15OOCRcWjFvWAJhcFs8rKSv

Request Chain 43

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7727489179939750127

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw&google_tc=

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDlPsLby30WP8V597EEec&google_cver=1

Request Chain 47

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 51

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=inMAjX7mRP2S18OlBw_4LQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 54

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f82611f-92d5-4400-b5dc-7fb5e68d9129

Request Chain 55

https://pixel.onaudience.com/?partner=214&mapped=8A73008D-7EE6-44FD-92D7-C3A5070FF82D HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8d8ed73b0824b1ff786eed36a089d051

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEE3MzAwOEQtN0VFNi00NEZELTkyRDctQzNBNTA3MEZGODJE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNUh85FoH789nmLRUBKrp4&google_cver=1

Request Chain 59

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7727489179939750127

Request Chain 60

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0426611f-92d5-4b00-b5cb-927e059cd688&gdpr=0&gdpr_consent=

Request Chain 61

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f9df31d-42c3-4971-80b7-92fdb7183703

Request Chain 62

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1031495479282648805&gdpr=0&gdpr_consent=

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
player.tubia.com/ 573 B
2 KB 55ms
40ms Document
text/html 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.tubia.com/
Protocol: HTTP/1.1
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685470567f9b293199172c294578f0979385d6fbcd6cc9d68206a5276ac4dd02

Request headers

Host: player.tubia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 11:32:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdvI68KfcODbkQJ9WzWZ71i9c7dUR0srqFkn-LJ_Qce4buwwHlhMu_KKSPSZB4c9VlqlgmJp28T884jtHbDgLmfg295c6g
Expires: Fri, 20 Aug 2021 12:26:38 GMT
Last-Modified: Tue, 06 Jul 2021 10:56:44 GMT
x-goog-generation: 1625569004834656
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 573
x-goog-meta-goog-reserved-file-mtime: 1625568946
x-goog-hash: crc32c=W0UI2w== md5=6SdPO6K2/LrnLPivySfr5w==
x-goog-storage-class: STANDARD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Age: 350
Cache-Control: public, max-age=3600
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U5GIujrLl2qhIvAMcuVjc4%2F%2FMCrGixBrqbYbreBv9ZWRLxFruZvGH0i1uMu6%2BbvUufJppU5z6riMzS1mP1%2FRFrDuoAXvpvT1RSNBuFFHSSQg4LPuNgzzxgVWlibSW5nbrHqqqo%2BFbKng29Ca2I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 681b4d1f9afbc2e0-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK main.min.css
player.tubia.com/libs/gd/ 86 KB
15 KB 16ms
15ms Stylesheet
text/css 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.tubia.com/libs/gd/main.min.css
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/
Protocol: HTTP/1.1
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb5ff03a1aa441743fcc88a365efb32e0b40a2c805d7f9bd283c60b97f7dbb8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: player.tubia.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://player.tubia.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UkqbQg== md5=908ne7ERzcQS2hNTFXMGVQ==
Date: Fri, 20 Aug 2021 11:32:28 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1625568998
Age: 2414
X-GUploader-UploadID: ADPycdsL0Xb4_pTx1l7PUdlD4Qb8_qQhPWurA6Q2bg4z-PN4mAl048q9UeFmrpn16PgwcPU3mXQR9MSt0wdWDBnN4K8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: text/css
Last-Modified: Tue, 06 Jul 2021 10:56:45 GMT
Server: cloudflare
ETag: W/"f74f277bb111cdc412da135315730655"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEMqhjZdbxJPuyDx2%2BuCg6d%2FcxBt5bb4AYS71%2FLENCPkd9o8ZeSuLHwv%2F8vjVYcOVeBd80pLFZNP4H3jeWxlDT4HtD2aN5Nt%2FfDIr24lKSgFLS8sOa6krdS7R5DrrTSJwK%2Bol4JYRaUhalBAAOA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625569005188614
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 87585
CF-RAY: 681b4d1feb6ac2e0-FRA
Expires: Fri, 20 Aug 2021 11:52:14 GMT

GET
H2 200 lottie.min.js Show response
cdn.tubia.com/media/ 243 KB
62 KB 157ms
55ms Script
text/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tubia.com/media/lottie.min.js
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 1bccdb9d5ae278996857f388e8a088a552af3f9b961b1a89e7dfd9ef0fcc8400

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 02:41:20 GMT
content-encoding: gzip
age: 61421
x-guploader-uploadid: ADPycdsRs6Il12VM4ErGOe0g4RIFS-wv86Jmga6C0TfAUjcflSoxe4uQ-er0lhtmraC5Hn5vIgJJyR_Fk18tFPlj5b4bOZop3A
x-cache: Hit from cloudfront
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-origin: *
last-modified: Wed, 17 Jul 2019 10:22:35 GMT
server: UploadServer
etag: W/"6e3a16333a39f26480fed0820899e659"
vary: Accept-Encoding
x-goog-hash: crc32c=qClaDQ==, md5=bjoWMzo58mSA/tCCCJnmWQ==
x-goog-generation: 1563358955626965
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-goog-stored-content-length: 249081
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: ZtmsiduQMX6Ehg2Kr3gqKuv0g13ub_hKCvup-uHcu84dyHhhoAfUFw==
expires: Thu, 19 Aug 2021 19:28:47 GMT

GET
H/1.1 200
OK main.js Show response
player.tubia.com/libs/gd/ 1 MB
265 KB 23ms
16ms Script
application/javascript 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.tubia.com/libs/gd/main.js
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/
Protocol: HTTP/1.1
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a5a6f6bc7480ed7c5ac028934d3606af75c5b78848f98059eb0b049ce00b69

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: player.tubia.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://player.tubia.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=cQp1uQ== md5=EpIpOtaziSHOzlh3NTMiDA==
Date: Fri, 20 Aug 2021 11:32:28 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1625568992
Age: 1772
X-GUploader-UploadID: ADPycdu2_rv36701g578sjq9pkGN9d9S-9z9_Vsom_D10zl-NxiwTsYrChNRUHIKMQyT1KxkIAeQvLnRlo3akTCVf8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: application/javascript
Last-Modified: Tue, 06 Jul 2021 10:56:45 GMT
Server: cloudflare
ETag: W/"1292293ad6b38921cece58773533220c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3b0smxk%2BgYXVcbxeOLfxoIhC5gOKljgFIpnlJWntT7M%2FDw68JdhorJURnaICUGauF9iqTYx3AWeF5Tf%2F36djvIOkZQo4p1QTum80sc5UBLEgZVYm%2F3bhOS%2BjgYs%2FpUd%2B7A6JCfJyVEKebdSF3I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625569005227159
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 1203194
CF-RAY: 681b4d1fff7e4e37-FRA
Expires: Fri, 20 Aug 2021 12:02:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 344 KB
119 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121547
x-xss-protection: 0
expires: Fri, 20 Aug 2021 11:32:28 GMT

HEAD
H2 200 integrator.js
adservice.google.com.tr/adsid/ 0
0 50ms
16ms Fetch
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.tr/adsid/integrator.js?domain=player.tubia.com

Requested by

Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 11:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET
H2 200 / Show response
api.tubia.com/api/player/publishv2/ 4 KB
2 KB 759ms
735ms Fetch
application/json 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tubia.com/api/player/publishv2/?gameid=0&publisherid=dc63a91fa184423482808bed4d782320&domain=player.tubia.com&pageId=4323e2b9f43bcc7ee242bd047efb1fd4&href=http%3A%2F%2Fplayer.tubia.com%2F
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1821c7da834b68f195debddb1e51cc5927f66e3a0e3db9a161f40a79e4cdaccc

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHKbS6mvK8F4wHxswUissD%2Ft2FAXEg%2BitFYP1j9%2BmZ%2BiIUKuK%2FnDWS4YHrwQ2HRSee5xjkSnBjDRn5ryDo6qQ9MccdSCbU5S5GtNc61Xz6coB6mg4NfnleIPdoLyuilTPjtS3DfE6QpHs5c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800
cf-ray: 681b4d20dcfcc27c-FRA
access-control-allow-headers: *
x-hw: 1629459148.dop032.fr8.t,1629459148.cds224.fr8.p

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1127
date: Fri, 20 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 20 Aug 2021 13:13:41 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13997/ 37 KB
11 KB 139ms
64ms Script
application/json 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13997/cc.js?ns=_cc13997
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-5.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75f254d6def25a64b0becb65504f66a387175022accc79877e285a12daf408cb

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 13:05:12 GMT
content-encoding: gzip
etag: W/"2c75c6f0f77e7c6160f46b48ae4acab6"
last-modified: Wed, 11 Mar 2020 05:51:41 GMT
server: AmazonS3
age: 80838
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 0km2087556Sd2vevnCw5DoFGC12y0aqVSP8FzH6cCxMKpuNO6rKjNw==

GET
H2 200 event
ana.headerlift.com/ 0
639 B 52ms
24ms Image
text/plain 2606:4700:3034::6815:5192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ana.headerlift.com/event?tub_id=0&eventtype=0&page_url=http%3A%2F%2Fplayer.tubia.com%2Flibs%2Fgd%2F%3Fgameid%3D0
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX345HSWI%2Fl9SmKWmQh14VKVx0%2BjSMMz9rzasYvHHNJbBtpijuhs%2FEE5wTatNhDnXtUH%2FJMQ2kKON%2B3c6SOjIV2ZsKf3D9wND5FsdXLv6l3xI0J3fnoJVPntVnnRL6aHa9IKDFfyyDdPUzvos4R3r9c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 681b4d20e9584ed9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/ Frame CAA8
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr

1 KB
2 KB

107ms
107ms

Document
text/html

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13997/cc.js?ns=_cc13997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2845f58724fb6e53ec753f7e5b3f2159f513516d1b991d01d3e0ab1426f2c2e2

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://player.tubia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://player.tubia.com/

Response headers

date: Fri, 20 Aug 2021 11:32:29 GMT
content-type: text/html;charset=utf-8
content-length: 1381
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.8.148
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 17-May-2022 11:05:00 GMT;SameSite=None;Secure _cc_id=6333af2721138ad08b12584e31cec38a;Path=/;Domain=crwdcntrl.net;Expires=Tue, 17-May-2022 11:05:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMDM2Nk5MMzI3MjQ0tkhMMbBIMjQytTBJNTZMTk0GijAAQaL8pLMgGgK4nz%2F7K8u4NpfhPyMjw7slc1hg7HNHDzHD2Lv3XRaAsXdteMoNYx9ejFB%2F6IslTPjjiVMaMPbfjVPgRp45qQ4TfoakEwBZSTqC";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 17-May-2022 11:05:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIlJ90FkhBABMD%2B3UuEJP9uhyQBABAqgPG";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 17-May-2022 11:05:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Fri, 20 Aug 2021 11:32:29 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.78
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)

GET
H2 200 headerlift.min.js Show response
hb.improvedigital.com/pbw/ 104 KB
33 KB 54ms
13ms Script
application/javascript 2600:9000:20eb:9a00:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/headerlift.min.js?t=tubia&page_width=1600
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/libs/gd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9a00:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 416ce8c3fe96167a1c0a0872972c6ed0b60e1162bd09025327116bc396512629

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:07:55 GMT
content-encoding: gzip
age: 1476
x-guploader-uploadid: ADPycdtOdFqzA31iRUlpJzdH_fK8qV1arPAQBuEC-YNE547ykFvk67fLkRsjew0EUHRK8xeyXdcBzvQAIKOh-wvd9Q
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 32647
last-modified: Thu, 12 Aug 2021 15:23:28 GMT
server: UploadServer
etag: W/"98b56e78f9605d4ccd278b3cc1ca2a5a"
vary: Accept-Encoding
x-goog-hash: crc32c=1bnqOg==, md5=mLVuePlgXUzNJ4s8wcoqWg==
x-goog-generation: 1628781808615814
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-goog-stored-content-length: 32647
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: plQy4gfI5xaLNnRGFl2DzrhTLLeV8shfc5SGKF9gyxG6Mf_opLcHvg==
expires: Fri, 20 Aug 2021 11:11:58 GMT

GET
H2 200 4a32fe9bf5634737939aebf1a52dc2c7_1920_1080.jpg
cdn.tubia.com/media/pictures/032021/ 209 KB
210 KB 52ms
52ms Image
image/jpeg 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tubia.com/media/pictures/032021/4a32fe9bf5634737939aebf1a52dc2c7_1920_1080.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 1bf2ee096f83719338faafd67d79cc75b76739f0198f6b38fea47b2b5f7916a0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 04:52:40 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
age: 23989
x-guploader-uploadid: ADPycdueh597_lqRMUKsRXL_tMqbjr3-TkIs11-Jzh5EvLTxH5AvGIL8ZTHiutxgPL7SruVJXTcR9692g_M9LTiVAg
x-cache: Hit from cloudfront
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 214087
last-modified: Tue, 09 Mar 2021 13:40:35 GMT
server: UploadServer
etag: "b6398ca12faeb85514af1d1d309a16ce"
x-goog-hash: crc32c=KrfaPw==, md5=tjmMoS+uuFUUrx0dMJoWzg==
x-goog-generation: 1615297235295383
access-control-allow-origin: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 214087
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: s77qPrdDFeYaOxvILRRUQ0Jr_Whqsd6taGKlN4ZhDA6E5C5Aq5wwFw==
expires: Fri, 20 Aug 2021 05:52:40 GMT

GET
H/1.1 200
OK prebid-idhb-v4.43.min.js Show response
hb.improvedigital.com/pbw/prebid/ 382 KB
121 KB 24ms
12ms Script
application/javascript 2600:9000:20eb:9a00:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?t=tubia&page_width=1600
Protocol: HTTP/1.1
Server: 2600:9000:20eb:9a00:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c47ab7648259974976369369dcbb3c18a4a652409d1b8b949993e55086fab401

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:23:23 GMT
Content-Encoding: gzip
Age: 245346
X-GUploader-UploadID: ADPycdtq6Sq223xZTFM00rh67S3EQAa5hAYQ-qaLMdA_JbNZ-YZ6jM0myl_GKvs4SY2es6zb1kSYFBoBkgnMgMNbtR32p7JWRw
X-Cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 122740
Last-Modified: Tue, 10 Aug 2021 15:20:04 GMT
Server: UploadServer
ETag: "921d646fc55a243d7b9ce9e8f8633bcf"
x-goog-hash: crc32c=RjR6bg==, md5=kh1kb8VaJD17nOno+GM7zw==
Content-Language: en
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-goog-generation: 1628608804075631
Cache-Control: public, max-age=604800,no-transform
x-goog-stored-content-length: 122740
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: ihZS9uWJQAUcjRrpxZqeY_GYoed86JLc5erMDUz353gKn1L8WrB5XA==
Expires: Tue, 24 Aug 2021 15:23:23 GMT

GET
H2 200 opphb Show response
pub.headerlift.com/ 3 KB
2 KB 54ms
25ms Fetch
application/json 2606:4700:3034::6815:5192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Fplayer.tubia.com%2F&page_type=tubia&page_width=1600
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?t=tubia&page_width=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5db7c9cd732b9f7815ea48a5d0119faa19f771655fa892aa55ce1bd5ab746b4

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyPwGd2OGfun%2FukDSZQT%2BR1GOsaB0h%2FFmvqB5Kt4igmjBkFJnYobyFhtX940xc2UB5jOuiqPY%2FwKhHiep82OsCM9sbu4D3GYOJMpo8Eqfr94T4z42JsLEeNquozpXmCoSXcT0ojqXI%2B2S9JBbxaARhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://player.tubia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 681b4d260cf64a68-FRA
access-control-allow-headers: *

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=716618270/tpid=5940118447309495634/ Frame CAA8
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=716618270%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D716618270%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=716618270/tpid=5940118447309495634/tp=ANXS

49 B
265 B

577ms
48ms

Image
image/gif

52.18.12.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=716618270/tpid=5940118447309495634/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:32 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.10
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:31 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0800ccac-d1f1-4cc3-9642-203bc5f41fbe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=716618270/tpid=5940118447309495634/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CAA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE&google_tc=

170 B
188 B

126ms
125ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjMzM2FmMjcyMTEzOGFkMDhiMTI1ODRlMzFjZWMzOGE&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame CAA8 62 B
304 B 270ms
170ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=f3ba625d7d677b6c45703b31de9ac978
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 11:32:30 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=AADrcU7CPyYAACD4QP8nsQ
bcp.crwdcntrl.net/map/c=9130/tp=BEES/ Frame CAA8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lotame
https://match.prod.bidr.io/cookie-sync/lotame?_bee_ppp=1
https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADrcU7CPyYAACD4QP8nsQ

49 B
265 B

40ms
40ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADrcU7CPyYAACD4QP8nsQ
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.133
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADrcU7CPyYAACD4QP8nsQ
Date: Fri, 20 Aug 2021 11:32:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 403 insync
thrtle.com/ Frame CAA8 0
0 1572ms
111ms Image
text/html 107.21.238.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=6333af2721138ad08b12584e31cec38a
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.238.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-238-20.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame CAA8 103 B
412 B 335ms
274ms Script
application/json 18.158.92.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13997/rand=200860655/pv=y/med=video/genp=domain%20%3A%20http%3A%2F%2Fplayer.tubia.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.92.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:29 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 73ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fplayer.tubia.com%2F&domain=player.tubia.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://player.tubia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: http://player.tubia.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1396
date: Fri, 20 Aug 2021 11:32:29 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 19ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210820

Requested by

Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c044d70ab6ffb1b29c0c798a827d4220981eae1e8cb7339494bafc2aa48cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29974
x-jsd-version: 1.0.1074
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 938
etag: W/"69a-nBpt6K70E48JXlB1qGi8uHZJdnc"
x-served-by: cache-fra19151-FRA
x-jsd-version-type: version
date: Fri, 20 Aug 2021 11:32:29 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?t=tubia&page_width=1600

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f87952e4305b87ff3b95d3db09b4e7e25f39633265d5189fe48504f731b352d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 11:32:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "964 / 800 of 1000 / last-modified: 1629411072"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25473
X-XSS-Protection: 0
Expires: Fri, 20 Aug 2021 11:32:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fplayer.tubia.com%2F&domain=player.tubia.com&cw=1
https://mug.criteo.com/sid?cpp=pgHsY3xJNUJVM0xSRldIb2wxSkIyMlVRSjI5SVhIL1pweU5HWHpyMkwvQ3BhTHZSaWFWdGhocGl2VDhqcUp1SUdEbmRKeCt4YlljZUpZL1hwbEh6Mkp0YzgvTkFtZ0FTVEx0dmFmODFIOGhkaXEzaWlScTN6WnRWa2J5bS...

356 B
610 B

143ms
45ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pgHsY3xJNUJVM0xSRldIb2wxSkIyMlVRSjI5SVhIL1pweU5HWHpyMkwvQ3BhTHZSaWFWdGhocGl2VDhqcUp1SUdEbmRKeCt4YlljZUpZL1hwbEh6Mkp0YzgvTkFtZ0FTVEx0dmFmODFIOGhkaXEzaWlScTN6WnRWa2J5bS9jZzJaWThtbk1odjZLc1RQL0RwY21ZQnVwMVo4ZFd0M1IzSHY5bWRzUHZmeWNtSldCaW9hRmp1T0FkR0dSTlV2clhFNTVYS1RxSnRnWXh4bTJPdE9mR3R2TStxRU9WejFTK1plVDk5bHY4THVWdDRncWdvPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

86a3cdc317c50edc90aef0da3162e0f7f2b32d60fe0744457ec17216109ddee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 20 Aug 2021 11:32:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2237
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 20 Aug 2021 11:32:29 GMT
location: https://mug.criteo.com/sid?cpp=pgHsY3xJNUJVM0xSRldIb2wxSkIyMlVRSjI5SVhIL1pweU5HWHpyMkwvQ3BhTHZSaWFWdGhocGl2VDhqcUp1SUdEbmRKeCt4YlljZUpZL1hwbEh6Mkp0YzgvTkFtZ0FTVEx0dmFmODFIOGhkaXEzaWlScTN6WnRWa2J5bS9jZzJaWThtbk1odjZLc1RQL0RwY21ZQnVwMVo4ZFd0M1IzSHY5bWRzUHZmeWNtSldCaW9hRmp1T0FkR0dSTlV2clhFNTVYS1RxSnRnWXh4bTJPdE9mR3R2TStxRU9WejFTK1plVDk5bHY4THVWdDRncWdvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://player.tubia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1776
content-length: 482
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 77 B
827 B 59ms
44ms XHR
application/json 54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8721534fa38f33c27768536894b9553424bd8842dcfe387346ebbcf4e52fa997

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://player.tubia.com
cache-control: no-cache
x-server: 10.45.17.231
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 pubads_impl_2021081801.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 88ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062333

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118094
x-xss-protection: 0
expires: Fri, 20 Aug 2021 11:32:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
744 B 97ms
45ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=player.tubia.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c75c662fb3760c569d159f60838a704e2a35b6a24e20212be85c2a4421aeee07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 11:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Fri, 20 Aug 2021 11:32:29 GMT

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
513 B 2989ms
1934ms XHR
application/json 52.28.122.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22135592c89411be9%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fplayer.tubia.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22headerlift.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22866%22%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f0bf0bd6dbc6c%22%2C%22currency%22%3A%22EUR%22%2C%22bidfloor%22%3A0.0117%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A12056270%2C%22tid%22%3A%2285fa9777-e4ab-4092-9a0d-d0f614929ed9%22%2C%22kvw%22%3A%7B%22hb%22%3A%5B%22true%22%5D%2C%22pbct%22%3A%5B2%5D%7D%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.122.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-122-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 030d7c9ea178a89b20a1cd70f1d7d631bb164b2f1040771195446b7519389ee4

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://player.tubia.com
date: Fri, 20 Aug 2021 11:32:32 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
515 B 2988ms
1934ms XHR
application/json 52.28.122.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214ac6ce778e6516%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fplayer.tubia.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22headerlift.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22866%22%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223dc5bfaa9ba38f%22%2C%22currency%22%3A%22EUR%22%2C%22bidfloor%22%3A0.0117%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A12056270%2C%22tid%22%3A%225f67f667-b7be-4263-9272-5a5f0a6c43f9%22%2C%22kvw%22%3A%7B%22hb%22%3A%5B%22true%22%5D%2C%22pbct%22%3A%5B2%5D%7D%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.122.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-122-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ba6c8fdcbea281d86a8ab963439aef0cb21536661d48fd0cba16c34bb13f4540

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://player.tubia.com
date: Fri, 20 Aug 2021 11:32:32 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 117ms
66ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:29 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bde799b5-6614-43bf-a461-5c1340b8103a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://player.tubia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
funtomic-d.openx.net/w/1.0/ 174 B
560 B 1064ms
278ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://funtomic-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fplayer.tubia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=85fa9777-e4ab-4092-9a0d-d0f614929ed9%2C5f67f667-b7be-4263-9272-5a5f0a6c43f9&nocache=1629459149899&schain=1.0%2C1!headerlift.com%2C866%2C1%2C%2C%2C&aus=970x90%7C970x90&divids=tubia__banner-ad2%2Ctubia__banner-ad&aucs=%2C&auid=540529511%2C540529511&aumfs=12%2C12
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 2f811440479cea6881c887f4b338a0456a1a20f88a0d51d5d919856a4152ee7d

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:30 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://player.tubia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 87ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://player.tubia.com
date: Fri, 20 Aug 2021 11:32:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 84ms
46ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 987
date: Fri, 20 Aug 2021 11:32:29 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 4a32fe9bf5634737939aebf1a52dc2c7_1920_1080.jpg
cdn.tubia.com/media/pictures/032021/ 209 KB
210 KB 39ms
39ms Image
image/jpeg 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tubia.com/media/pictures/032021/4a32fe9bf5634737939aebf1a52dc2c7_1920_1080.jpg
Requested by: Host: player.tubia.com
URL: http://player.tubia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 1bf2ee096f83719338faafd67d79cc75b76739f0198f6b38fea47b2b5f7916a0

Request headers

Referer: http://player.tubia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 04:52:40 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
age: 23990
x-guploader-uploadid: ADPycdueh597_lqRMUKsRXL_tMqbjr3-TkIs11-Jzh5EvLTxH5AvGIL8ZTHiutxgPL7SruVJXTcR9692g_M9LTiVAg
x-cache: Hit from cloudfront
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 214087
last-modified: Tue, 09 Mar 2021 13:40:35 GMT
server: UploadServer
etag: "b6398ca12faeb85514af1d1d309a16ce"
x-goog-hash: crc32c=KrfaPw==, md5=tjmMoS+uuFUUrx0dMJoWzg==
x-goog-generation: 1615297235295383
access-control-allow-origin: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 214087
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 6cy2nZNnOtNJZPoXq667g6AowD428SJBzwsqCweXkG0bNezPBTc3ZA==
expires: Fri, 20 Aug 2021 05:52:40 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7E41 14 KB
5 KB 872ms
287ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156946
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://player.tubia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://player.tubia.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=142280
expires: Sun, 22 Aug 2021 03:03:56 GMT
date: Fri, 20 Aug 2021 11:32:36 GMT
vary: Accept-Encoding

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1

1006 B
860 B

25ms
25ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 0d20420a94f95843b74e0d14a1c727d7ebef0cacabc2c139fab8b5eafa262328

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://player.tubia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9251b0dd-721b-0b75-004b-b7afa943c7ed|1629459155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://player.tubia.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9251b0dd-721b-0b75-004b-b7afa943c7ed|1629459155; Version=1; Expires=Sat, 20-Aug-2022 11:32:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629459155|mOgeginskin0vNomiygu; Version=1; Expires=Sat, 04-Sep-2021 11:32:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 20 Aug 2021 11:32:35 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=9251b0dd-721b-0b75-004b-b7afa943c7ed|1629459155; Version=1; Expires=Sat, 20-Aug-2022 11:32:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
date: Fri, 20 Aug 2021 11:32:35 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C061 52 KB
17 KB 140ms
81ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.improvedigital.com
URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://player.tubia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://player.tubia.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 21 Aug 2021 11:32:37 GMT
Date: Fri, 20 Aug 2021 11:32:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GxnSgSUF1Mh2Li5

43 B
106 B

26ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GxnSgSUF1Mh2Li5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:35 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-08f8fc1eb6758b8c0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GxnSgSUF1Mh2Li5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=ba301b43-ec27-4592-a71b-f8cd5a379638
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=ba301b43-ec27-4592-a71b-f8cd5a379638
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5e9f85bf-f2a1-4cb5-8d00-42f127ffdcbb&ssp=openx
https://x.bidswitch.net/ul_cb/sync?dsp_id=250&expires=14&user_id=5e9f85bf-f2a1-4cb5-8d00-42f127ffdcbb&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=1bfd916a-0d0d-4fb2-a6fc-da57da1dcfb5

43 B
106 B

24ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=1bfd916a-0d0d-4fb2-a6fc-da57da1dcfb5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=1bfd916a-0d0d-4fb2-a6fc-da57da1dcfb5
date: Fri, 20 Aug 2021 11:32:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1031495479282648805
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072399&val=1031495479282648805

43 B
106 B

24ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072399&val=1031495479282648805
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072399&val=1031495479282648805
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame E9C8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQjZFN0NQeVlBQUJ5VzNuWU9TQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQjZFN0NQeVlBQUJ5VzNuWU9TQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

255ms
255ms

Image
image/gif

52.215.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-67-233.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:36 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8538611f-92d4-4300-8e66-1944a870f15d

43 B
106 B

38ms
38ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8538611f-92d4-4300-8e66-1944a870f15d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 20 Aug 2021 11:35:52 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8538611f-92d4-4300-8e66-1944a870f15d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 20 Aug 2021 11:35:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dFxSZntfBzNvC1IyI15OOCRcWjFvWAJhcFs8rKSv

43 B
122 B

25ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dFxSZntfBzNvC1IyI15OOCRcWjFvWAJhcFs8rKSv
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dFxSZntfBzNvC1IyI15OOCRcWjFvWAJhcFs8rKSv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7727489179939750127

43 B
106 B

70ms
69ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7727489179939750127
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7727489179939750127
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E9C8 70 B
265 B 146ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=41fd8f84-db9c-3482-5a9d-7f47cd64f410&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw&google_tc=

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ5MjVjNGUtMTJlYi02YTI2LTRmN2QtMjVmZTA3ODYzYTcw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E9C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDlPsLby30WP8V597EEec&google_cver=1

43 B
106 B

25ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDlPsLby30WP8V597EEec&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=99b069cd-78e4-45e6-85da-d821a10d799d&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDlPsLby30WP8V597EEec&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame C061
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

25ms
24ms

Script
text/html

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:36 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 467a7973-78c3-46a3-9baa-695508052ea0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:36 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 54c827d2-6f07-4ea4-a1f5-cad532c16187
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7E41 2 KB
3 KB 347ms
19ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94294424&p=156946&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 44277eb8d237aa9b29a0ae383a7029a2e2445b5ed55d862cdd498b696fe4e0a2

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:36 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C061 0
731 B 30ms
29ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:37 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f5b25af3-bcae-4213-8f9f-bb35a4fb6b10
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 35BE 35 B
477 B 30ms
30ms Document
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=8A73008D-7EE6-44FD-92D7-C3A5070FF82D

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=8A73008D-7EE6-44FD-92D7-C3A5070FF82D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=7727489179939750127
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 20 Aug 2021 11:32:37 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7727489179939750127; expires=Tue, 19 Oct 2021 11:32:37 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 76F3
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924

42 B
210 B

922ms
922ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=8A73008D-7EE6-44FD-92D7-C3A5070FF82D; chkChromeAb67Sec=1; DPSync3=1630627200%3A201_197_219%7C1629504000%3A174; SyncRTB3=1630627200%3A7_3_220_21_13_161_56_54_71%7C1630713600%3A35; KRTBCOOKIE_391=22924-7727489179939750127&KRTB&23263-7727489179939750127; PugT=1629459157; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 20 Aug 2021 11:32:37 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-3725453312507858924; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 11:32:37 GMT; path=/ PugT=1629459157; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 11:32:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 11:32:37 GMT; path=/
x-lat: lhrpug014:0:413
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3725453312507858924
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 61FD 43 B
360 B 61ms
18ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 20 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1036
x-powered-by: ASP.NET
date: Fri, 20 Aug 2021 11:32:36 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7E41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=inMAjX7mRP2S18OlBw_4LQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

61ms
61ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=142279
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 22 Aug 2021 03:03:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f82611f-92d5-4400-b5dc-7fb5e68d9129

0
260 B

343ms
257ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f82611f-92d5-4400-b5dc-7fb5e68d9129
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 20 Aug 2021 11:35:53 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f82611f-92d5-4400-b5dc-7fb5e68d9129
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 20 Aug 2021 11:35:52 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 7E41
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=8A73008D-7EE6-44FD-92D7-C3A5070FF82D
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8d8ed73b0824b1ff786eed36a089d051

35 B
248 B

441ms
436ms

Image
image/gif

51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8d8ed73b0824b1ff786eed36a089d051
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 20 Aug 2021 11:32:37 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8d8ed73b0824b1ff786eed36a089d051
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEE3MzAwOEQtN0VFNi00NEZELTkyRDctQzNBNTA3MEZGODJE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

117ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:400
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNUh85FoH789nmLRUBKrp4&google_cver=1

42 B
282 B

40ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNUh85FoH789nmLRUBKrp4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:440
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNUh85FoH789nmLRUBKrp4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7E41 43 B
609 B 4129ms
66ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 19 Aug 2021 11:32:41 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7727489179939750127

42 B
544 B

75ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7727489179939750127
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:470
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7727489179939750127
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0426611f-92d5-4b00-b5cb-927e059cd688&gdpr=0&gdpr_consent=

42 B
341 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0426611f-92d5-4b00-b5cb-927e059cd688&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:448
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 20 Aug 2021 11:35:53 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0426611f-92d5-4b00-b5cb-927e059cd688&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 20 Aug 2021 11:35:52 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f9df31d-42c3-4971-80b7-92fdb7183703

42 B
295 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f9df31d-42c3-4971-80b7-92fdb7183703
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 11:32:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f9df31d-42c3-4971-80b7-92fdb7183703
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7E41
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1031495479282648805&gdpr=0&gdpr_consent=

42 B
520 B

119ms
61ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1031495479282648805&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 11:32:37 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f90464d7-5a4d-403f-9217-fc91e64e38e3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1031495479282648805&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 8A73008D-7EE6-44FD-92D7-C3A5070FF82D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7E41 43 B
839 B 104ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/8A73008D-7EE6-44FD-92D7-C3A5070FF82D?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156946

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:32:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://player.tubia.com/libs/gd/main.js(Line 19159) Message: %c %c %c Tubia Video Walkthrough \| Version:2.2.11 %c %c %c background: #01567d background: #00405c color: #fff; background: #002333; background: #00405c background: #01567d background: #006897
console-api	warning	URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v4.43.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com.tr
ana.headerlift.com
api.tubia.com
bcp.crwdcntrl.net
c1.adform.net
cdn.jsdelivr.net
cdn.tubia.com
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
eu-u.openx.net
funtomic-d.openx.net
gum.criteo.com
hb.improvedigital.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
loada.exelator.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pixel.onaudience.com
pixel.quantserve.com
player.tubia.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pub.headerlift.com
rtb.mfadsrvr.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sync.crwdcntrl.net
sync.mathtag.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
104.111.215.191
107.21.238.20
13.224.96.5
142.250.184.226
142.250.185.130
143.204.98.86
159.253.128.183
178.250.2.146
178.250.2.151
18.158.92.16
18.196.123.190
18.198.69.109
185.29.134.244
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
2.18.232.130
2.18.233.180
213.155.156.185
2600:9000:20eb:9a00:4:cd76:8580:93a1
2606:4700:21::681b:c358
2606:4700:3034::6815:5192
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a02:2638::1c
2a04:4e42:3::485
3.121.111.29
3.124.143.99
35.244.159.8
37.157.2.237
37.252.172.249
37.252.172.250
51.79.83.225
52.18.12.237
52.215.67.233
52.28.122.36
54.194.226.253
76.223.111.131
030d7c9ea178a89b20a1cd70f1d7d631bb164b2f1040771195446b7519389ee4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d20420a94f95843b74e0d14a1c727d7ebef0cacabc2c139fab8b5eafa262328
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
1821c7da834b68f195debddb1e51cc5927f66e3a0e3db9a161f40a79e4cdaccc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bccdb9d5ae278996857f388e8a088a552af3f9b961b1a89e7dfd9ef0fcc8400
1bf2ee096f83719338faafd67d79cc75b76739f0198f6b38fea47b2b5f7916a0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2845f58724fb6e53ec753f7e5b3f2159f513516d1b991d01d3e0ab1426f2c2e2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f811440479cea6881c887f4b338a0456a1a20f88a0d51d5d919856a4152ee7d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
416ce8c3fe96167a1c0a0872972c6ed0b60e1162bd09025327116bc396512629
44277eb8d237aa9b29a0ae383a7029a2e2445b5ed55d862cdd498b696fe4e0a2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5cb5ff03a1aa441743fcc88a365efb32e0b40a2c805d7f9bd283c60b97f7dbb8
685470567f9b293199172c294578f0979385d6fbcd6cc9d68206a5276ac4dd02
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75f254d6def25a64b0becb65504f66a387175022accc79877e285a12daf408cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a3cdc317c50edc90aef0da3162e0f7f2b32d60fe0744457ec17216109ddee1
8721534fa38f33c27768536894b9553424bd8842dcfe387346ebbcf4e52fa997
8c044d70ab6ffb1b29c0c798a827d4220981eae1e8cb7339494bafc2aa48cc7f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
9f87952e4305b87ff3b95d3db09b4e7e25f39633265d5189fe48504f731b352d
a5db7c9cd732b9f7815ea48a5d0119faa19f771655fa892aa55ce1bd5ab746b4
a6a5a6f6bc7480ed7c5ac028934d3606af75c5b78848f98059eb0b049ce00b69
ba6c8fdcbea281d86a8ab963439aef0cb21536661d48fd0cba16c34bb13f4540
c47ab7648259974976369369dcbb3c18a4a652409d1b8b949993e55086fab401
c75c662fb3760c569d159f60838a704e2a35b6a24e20212be85c2a4421aeee07
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

player.tubia.com Open in urlscan Pro 2606:4700:21::681b:c358 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

92 %HTTPS

24 %IPv6

31 Domains

49 Subdomains

34 IPs

9 Countries

1269 kBTransfer

3339 kBSize

0 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

player.tubia.com Open in urlscan Pro
2606:4700:21::681b:c358 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

92 %
HTTPS

24 %
IPv6

31
Domains

49
Subdomains

34
IPs

9
Countries

1269 kB
Transfer

3339 kB
Size

0
Cookies

65 HTTP transactions
0 data transactions