www.goole.com Open in urlscan Pro
217.160.0.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50Lm...
Submission Tags: falconsandbox
Submission: On July 15 via api (July 15th 2021, 4:19:38 am UTC) from US

Summary HTTP 109 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 40 domains to perform 109 HTTP transactions. The main IP is 217.160.0.201, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.goole.com.

This is the only time www.goole.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	217.160.0.201 217.160.0.201	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 14	2606:4700:20:... 2606:4700:20::681a:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 7	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:303... 2606:4700:3033::ac43:8e10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
12	52.48.25.212 52.48.25.212	16509 (AMAZON-02) (AMAZON-02)
2	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	54.82.140.85 54.82.140.85	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.158.174.89 18.158.174.89	16509 (AMAZON-02) (AMAZON-02)
2 3	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.132.68 185.29.132.68	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
5 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3 3	35.156.245.144 35.156.245.144	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
109	45

11 217.160.0.201 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-201.elastic-ssl.ui-r.com

www.goole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:24e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.52 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.26 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:8e10 (United States)

ASN13335 (CLOUDFLARENET, US)

quantumsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.145 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.52 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.48.25.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.140.85 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.174.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.28.101 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-28-101.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.68 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.239 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.245.144 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	9 KB
12	mediamathtag.com s.update.mediamathtag.com	48 KB
12	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com stats.vlitag.com	455 KB
11	goole.com www.goole.com	194 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	onetag-sys.com onetag-sys.com	3 KB
7	adnxs-simple.com ib.adnxs-simple.com nym1-ib.adnxs-simple.com cdn.adnxs-simple.com	40 KB
7	doubleclick.net 5 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	117 KB
6	adnxs.com 6 redirects ib.adnxs.com	5 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900024.redintelligence.net	7 KB
5	mathtag.com 2 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	2 KB
4	adform.net 3 redirects dmp.adform.net c1.adform.net	2 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	advertising.com 2 redirects pixel.advertising.com	798 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	478 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	sonobi.com sync.go.sonobi.com	1 KB
2	advangelists.com 2 redirects nep.advangelists.com	458 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	criteo.net static.criteo.net	52 KB
2	contentspread.net cdn.contentspread.net	25 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	1 KB
2	criteo.com bidder.criteo.com gum.criteo.com	775 B
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	118 KB
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	brand-display.com dmp.brand-display.com	253 B
1	33across.com ssc-cms.33across.com	2 KB
1	sharethrough.com 1 redirects match.sharethrough.com	240 B
1	quantumsyndication.com quantumsyndication.com	588 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	creativecdn.com prebid-eu.creativecdn.com	174 B
1	a-mo.net prebid.a-mo.net	363 B
1	jsdelivr.net cdn.jsdelivr.net	1019 B
1	googletagservices.com www.googletagservices.com	24 KB
109	40

	Domain	Requested by
12	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io onetag-sys.com ssum-sec.casalemedia.com
12	s.update.mediamathtag.com	ajax.cloudflare.com s.update.mediamathtag.com
11	www.goole.com	www.goole.com
8	assets.vlitag.com	tag.vlitag.com www.goole.com assets.vlitag.com ajax.cloudflare.com
7	onetag-sys.com	sync.quantumdex.io onetag-sys.com
6	ib.adnxs.com	6 redirects
5	cm.g.doubleclick.net	5 redirects
5	hal900024.redintelligence.net	1 redirects ajax.cloudflare.com hal900024.redintelligence.net
5	nym1-ib.adnxs-simple.com	ajax.cloudflare.com cdn.adnxs-simple.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ups.analytics.yahoo.com	4 redirects
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	pixel.advertising.com	2 redirects onetag-sys.com
3	tags.mathtag.com	1 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	c1.adform.net	1 redirects ssum-sec.casalemedia.com
2	dmp.adform.net	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	nep.advangelists.com	2 redirects
2	ap.lijit.com	2 redirects
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	cdn.contentspread.net	hal900024.redintelligence.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ads.us.e-planning.net	1 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	services.vlitag.com	www.goole.com services.vlitag.com
1	sync.adotmob.com	1 redirects
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.rubiconproject.com	onetag-sys.com
1	pixel-eu.rubiconproject.com	onetag-sys.com
1	sync.mathtag.com	1 redirects
1	ads.pubmatic.com	sync.quantumdex.io
1	ssc-cms.33across.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	match.sharethrough.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	cdn.adnxs-simple.com	ajax.cloudflare.com
1	pixel.mathtag.com
1	hal9000.redintelligence.net	ajax.cloudflare.com
1	quantumsyndication.com
1	www.googletagmanager.com	tag.vlitag.com
1	stats.vlitag.com
1	ajax.cloudflare.com	assets.vlitag.com
1	prebid-eu.creativecdn.com	assets.vlitag.com
1	ib.adnxs-simple.com	assets.vlitag.com
1	bidder.criteo.com	assets.vlitag.com
1	prebid.a-mo.net	assets.vlitag.com
1	useast.quantumdex.io	assets.vlitag.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	tag.vlitag.com	services.vlitag.com
1	fonts.googleapis.com	www.goole.com
109	57

This site contains links to these domains. Also see Links.

Domain
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.a-mo.net R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
update.mediamathtag.com R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh

This page contains 12 frames:

Primary Page: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Frame ID: 42E2DD8E0FFD8C99CC4D65FED533C79B
Requests: 37 HTTP requests in this frame

Frame: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 6076F91034E07F31FF654C0567C48801
Requests: 27 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: E9C2D58A1977DB8F26917955AFC1D597
Requests: 3 HTTP requests in this frame

Frame: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Frame ID: 00E0BDEE3581AE33A6D9E1358ABE03FA
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.goole.com&gdpr=1&gdpr_consent=
Frame ID: CABFD19BB9612F5E4EF47FFC85A1D20B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9E87EA3B293CB33D27BAAA812CF99823
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: E68C42869EF9161B5631EDF74E545D6D
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8147D7BA7E35D73B083F6C2F4BD8EE61
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: ADC142B9AB9D6A04B43BDCFB182C3AB4
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 0DE7EE11C928BF2C341CC582E50BEEB3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 86F399FC896E28C8B097626F639F674E
Requests: 2 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 3B877E869D58B31319ED0229680EBEED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Goole

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109
Requests

71 %
HTTPS

29 %
IPv6

40
Domains

57
Subdomains

45
IPs

7
Countries

1221 kB
Transfer

3001 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://valueimpression.com/?ref=www.goole.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.goole.com/ROS?rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&pbv=5.4.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.goole.com/ROS?ct=1&r=pbjs&rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&pbv=5.4.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&gdpr=1&gdprcs=

Request Chain 43

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NjkyOTE2OTg0MzA0MzIzMDMvNjYyMjQwNS80NTYyMzEyLzEzL2dDQ3E1RTBPMG52S1lkcm12QTR6RjA1T1pnUDM1T04wd00taFBoTHdYTU0vMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM4NjkyOTE2OTg0MzA0MzIzMDMvb3JkLzAvNTAxLzI2Lzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjU0MDA6Oi8wLjAwMC8xNjI2MzIyNzY0LzE2MjYzMzUzNjQvMTMvMTEzOTUv/JCY9rcIZATbKmhwF8mATzDMCfuM&nodeid=2690&group=us-east&auctionid=3869291698430432303&shardkey=3869291698430432303&sid=4562312&cid=6622405&bp=a_bdhgdj&nfy_act=LD5wew&bfip=216.200.232.143&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=3869291698430432303&node_id=2690&exch_id=13

Request Chain 47

http://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3869291698430432303%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.goole.com%2F&ancestorOrigins=http%3A%2F%2Fwww.goole.com&random=2473166452045&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
http://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3869291698430432303%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.goole.com%2F&ancestorOrigins=http%3A%2F%2Fwww.goole.com&random=2473166452045&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 73

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8885428170809495762

Request Chain 74

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d01cf081962f27dddd1e9a4

Request Chain 75

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A

Request Chain 76

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-912287a1-82d1-44b9-9bdf-7a9ad914e81b

Request Chain 77

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5b8e9332-f538-423b-88a3-defc32a3d095

Request Chain 78

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8885428170809495762

Request Chain 79

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd854470a-e523-11eb-ab40-02c8ceb1391e HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd854470a-e523-11eb-ab40-02c8ceb1391e

Request Chain 80

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8885428170809495762

Request Chain 81

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=77ec37b6-2723-4c64-9615-22158e0cc70e

Request Chain 84

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 88

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/78a760ef-b74f-4500-9a67-bd2a8272471e

Request Chain 90

https://dmp.adform.net/serving/cookie/match?party=1167&cid=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4 HTTP 302
https://onetag-sys.com/sync/i,34/7560294894533642582

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEM81xlW8tAnBAqkqCTV9qCE&google_cver=1

Request Chain 94

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=248ceec6-e6c4-4879-9aea-c85b2bf0ed31&ttl=1628914768

Request Chain 96

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=7560294894533642582&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=472310f4-e831-408f-a52d-0d66ae2b3d1f&gdpr=&gdpr_consent=&us_privacy=

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YO.3UNWDf2o0uLEw3R28rwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEsp6abp20b30bqu-j6Ndqk&google_cver=1&gdpr=1&google_hm=2

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEdRmKsUZQXz3x8R9ZFFX4k&google_cver=1

Request Chain 102

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&dcc=t

Request Chain 103

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9084bb74-9a0d-4466-8cae-ba288787ffb2

Request Chain 105

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0678220400cea9b4b11ac9cb&expiration=[EXPIRATION]&gdpr=1

109 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request tc_frame.html Show response
www.goole.com/safeview-redirect/ 9 KB
4 KB 290ms
263ms Document
text/html 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 11458d444f8ea97a460c4a35a676aa0a05e02bb6285af24cdf0b0b0f74157e59

Request headers

Host: www.goole.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 15 Jul 2021 04:19:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.goole.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
www.goole.com/wp-content/themes/goole/ 4 KB
4 KB 60ms
58ms Stylesheet
text/css 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-content/themes/goole/style.css
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: e8dd6f380841eaa3ba6b546a9c7e9b2f480256b39cfbd10f198831cf4dcdb0ae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Tue, 01 Dec 2020 10:33:45 GMT
Server: Apache
ETag: "1060-5b564a94f2c9e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4192

GET
H/1.1 200
OK style.min.css
www.goole.com/wp-includes/css/dist/block-library/ 53 KB
53 KB 114ms
87ms Stylesheet
text/css 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:19:32 GMT
Server: Apache
ETag: "d293-5aedd1c7e101f"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 53907

GET
H/1.1 200
OK nivo-lightbox.css
www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/ 6 KB
6 KB 115ms
88ms Stylesheet
text/css 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/nivo-lightbox.css?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: cca4f37b4a4385ecdf4190c9f2be8e2ded15b5ed018bc04d4f63dd42c2eaf2fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:21:07 GMT
Server: Apache
ETag: "1649-5aedd2223ed84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 5705

GET
H/1.1 200
OK default.css
www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/themes/default/ 3 KB
3 KB 113ms
86ms Stylesheet
text/css 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/themes/default/default.css?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: d9ecacf0e4adcba3a7b7dfa57becbc921434053158e57401578818ab40bab332

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:21:07 GMT
Server: Apache
ETag: "b1c-5aedd2223ed84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2844

GET
H/1.1 200
OK jquery.js Show response
www.goole.com/wp-includes/js/jquery/ 95 KB
95 KB 113ms
86ms Script
application/javascript 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:19:32 GMT
Server: Apache
ETag: "17a69-5aedd1c811d60"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 96873

GET
H/1.1 200
OK nivo-lightbox.min.js Show response
www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/ 7 KB
8 KB 114ms
87ms Script
application/javascript 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/nivo-lightbox/nivo-lightbox.min.js?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 1d3091b35fdfe0a78f4c501cd46aa1044daca73d20a4d740d97694b070d0ff41

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:21:07 GMT
Server: Apache
ETag: "1db6-5aedd2223ed84"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 7606

GET
H/1.1 200
OK script.js Show response
www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/inc/ 819 B
1 KB 117ms
58ms Script
application/javascript 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-content/plugins/responsive-lightbox-lite/assets/inc/script.js?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 3afef3430b5238f8f850e44b964f4f8145d17a435fc489493d38337eb7d1ca7d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 09 Sep 2020 08:21:07 GMT
Server: Apache
ETag: "333-5aedd2223ce44"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 819

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 933 B
1 KB 138ms
132ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/adv1/?q=60c3873e17b9adefa23c9485ef8a2190

Requested by

Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87dc5f178d4f356e453783b1e1e0809c8f7d9c95dc78467ecb1ef8e08ce7bcff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Jul 2021 04:19:20 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0yS8dyb244sVjySXogMm2xcM5o5SyaPq%2Fq4Q5GbcHBGjUGWB8kB%2FrXp4F4zmrpnu%2BX6ugLqHHUC%2F965E2%2FekSnnouyDMsMpb7MZ2UvPpNTB49OS3P1ER4XoP1o2s5qI3K2Zamk0GcaLkEZR%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY: 66f031265c774e61-FRA
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK goole.png
www.goole.com/wp-content/themes/goole/img/ 4 KB
4 KB 58ms
57ms Image
image/png 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.goole.com/wp-content/themes/goole/img/goole.png
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: e8753bff0f25027b918bb6c8276b9b2989e843bd23d4b5cceefaea623b2f5c8b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Wed, 18 Feb 2015 08:39:01 GMT
Server: Apache
ETag: "10a8-50f58c0477340"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4264

GET
H/1.1 200
OK wp-embed.min.js Show response
www.goole.com/wp-includes/js/ 1 KB
2 KB 57ms
57ms Script
application/javascript 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Thu, 15 Apr 2021 14:14:22 GMT
Server: Apache
ETag: "592-5c0037ae223a1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1426

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
946 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: www.goole.com
URL: http://www.goole.com/wp-content/themes/goole/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a35de37bfd7fd9fccce8f7aaf52966e0d377190ed3a3a75e4e76a9f68dccb1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Jul 2021 03:42:21 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 15 Jul 2021 04:19:20 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.goole.com/wp-includes/js/ 14 KB
14 KB 58ms
58ms Script
application/javascript 217.160.0.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goole.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: www.goole.com
URL: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Protocol: HTTP/1.1
Server: 217.160.0.201 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-201.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.goole.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.goole.com/safeview-redirect/tc_frame.html?dt=PCFET0NUWVBFIGh0bWw%2B&n=639f7146&furl=aHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%3D%3D&turl=aHR0cDovL3d3dy5nb29sZS5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Last-Modified: Thu, 15 Apr 2021 14:14:22 GMT
Server: Apache
ETag: "3795-5c0037ae223a1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14229

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.goole.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 02:10:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:12:12 GMT
Server: sffe
Age: 180538
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 22992
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 02:10:22 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.goole.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 08:22:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:46 GMT
Server: sffe
Age: 158205
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 23484
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 08:22:35 GMT

GET
H2 200 / Show response
services.vlitag.com/uv/ 13 B
715 B 611ms
143ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&mtk=11602

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=60c3873e17b9adefa23c9485ef8a2190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:21 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 15 Jul 2021 04:19:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHQ8N4igRVUB8Pkn1aFmIKKqTjt8Z06%2BFqp5gbyXClnAczKlRRxssgL8RZ1YKmLVVgBLzauIHH6fCKonFZjkFizsK5HLsLEDZGNSmgGQIQO3CRt93W%2BLuTiEeb5dAYOt2gQJ%2FUaVoHYLWN0bi47Jk4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://www.goole.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 66f0312a1df396ce-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 60c3873e17b9adefa23c9485ef8a2190.js Show response
tag.vlitag.com/v1/1626280627/ 509 KB
131 KB 31ms
17ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=60c3873e17b9adefa23c9485ef8a2190

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0afd44814a75a95764d65cd9911b0430ac0c866ff3c552ffe1c6021719e94d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 42074
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oas24W05fuQ3Z5YSU2JLkJJTVYjS6JUplPnh58X1KnPrGppgQeZjfoSS3roXwZ376R66VRRX4OwxjvnrWdg2mdAAkSRd%2BwwJpP%2FOJUwbG0tXmGJj%2BVzhnhELwcyWLdFTKzfOZ4aJ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
CF-RAY: 66f031273f532b1e-FRA

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 44ms
23ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1839193
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FP5bwGtsnySnS%2FihKEjj6m6cN1Ip1gU78JQgLdhIPO1Ok%2BH3Lce4bwOSA%2FQFw5FTsWvMdH0AwYWfSed3ooXJzpQoKV894f007%2B7SCMnG0TBCSR5ZPpGaYorsYa%2Ft9R9QQAT2ZQJ6yXEiag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 66f0312a8cb04ed4-FRA
expires: Wed, 23 Jun 2021 21:56:07 GMT

GET
H/1.1 200
OK prebid-v5.4.1.js Show response
assets.vlitag.com/prebid/default/ 444 KB
137 KB 29ms
18ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f9232b6f933b62da8d95d967cb91859f154fd767332eb22bc0047dfa753f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 338268
Cf-Polished: origSize=454509
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 11 Jul 2021 06:21:25 GMT
Server: cloudflare
ETag: W/"60ea8de5-6ef6d"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0BL8Wi2CJHph3zEgNajp3v51%2B50ARTj0Jk7efC6rtlAmSk2hKbj2L47Z619gvMl%2B02FDv6aJuTTUUSk80CPIE8IOuoOB3sLGhj8yXldSE7XEG%2BbkIF%2FF%2F5alDsAXzgGSUjvh0a5maUunHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Sun, 11 Jul 2021 06:51:33 GMT
Cache-Control: max-age=16070400
CF-RAY: 66f0312a8c541f41-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a62e2e05cc6ef890020f2ecc567885895c176880af9dedd3b50ec1c22d6805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "930 / 523 of 1000 / last-modified: 1626300463"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 24058
X-XSS-Protection: 0
Expires: Thu, 15 Jul 2021 04:19:21 GMT

GET
H/1.1 200
OK viPlayer_v45.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
6 KB 30ms
19ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2630973
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 17:20:56 GMT
Server: cloudflare
ETag: W/"60c78ff8-34ff"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DTCLSmaLal1jaaQTl2UNbtIdg5bSZXjTrmQmbY5yVlS1q5%2B8DjDOBxxf2vphvUNGlRRKxSsq%2FZ6AknBpJfwOeNvw80YUL0y%2F2ZgcZk%2FuaM1qQyHQok0dO5cZZguLQpt8WWLC67%2Fs4VxO8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66f0312a8a884e37-FRA
Expires: Mon, 14 Jun 2021 17:59:48 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 340 KB
117 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 119593
X-XSS-Protection: 0
Expires: Thu, 15 Jul 2021 04:19:21 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
19 KB 27ms
16ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2633865
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V8nipzIg%2FJNmauovCVXYVj334fv25KA1P%2BN5f9cVZ2BeiC9SSEtBvPixapS6kTW5isGS1e30s93fDnogXq4Xk7WkCg%2Bi1s6lTHf7MD71qIEW7F1oPMCPShDFsT7rxfOza7RTZePS9RruSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66f0312a89ba4a61-FRA
Expires: Mon, 14 Jun 2021 17:11:36 GMT

GET
H2 200 pubads_impl_2021071201.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
115 KB 182ms
64ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071201.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

98d3a7a1592bf3df2536c588b71074ecd38c1ae4271e8ab279e0c0ea940e8316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 08:39:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117522
x-xss-protection: 0
expires: Thu, 15 Jul 2021 04:19:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 32 B
705 B 190ms
67ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.goole.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

40911888c1e37a6276ede7a9c27b13320d823630c5e1dc0e981518de3a77f4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Jul 2021 04:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48
x-xss-protection: 0
expires: Thu, 15 Jul 2021 04:19:21 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1019 B 6ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210715

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f71624dd073fb29e6776d6b582a818077986356c668992161578205214936119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4314
x-jsd-version: 1.0.1038
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 949
etag: W/"69f-H7cZO3YLeQyFVUe2/MG8gnyc5bU"
x-served-by: cache-fra19160-FRA
x-jsd-version-type: version
date: Thu, 15 Jul 2021 04:19:21 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 726262
Cf-Polished: qual=85, origFmt=jpeg, origSize=103053
Content-Disposition: inline; filename="1592801729.webp"
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 75514
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Jun 2020 04:55:29 GMT
Server: cloudflare
ETag: "5ef039c1-1928d"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0qkL%2BuE2bfFxnTz6Ddd%2BwMNuY6KbLLunRggwDJj9Hafywv1Db%2FxjrXPAutX%2BMJsN6%2FRG9LgDAhGj05WOLqvBZAR1UC3q1vXbPRsx%2FbcZudbpePcxU%2F17ifPlQRgxFNLuJ92Ms48Eww3f8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Tue, 06 Jul 2021 19:04:59 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 66f0312afce31f41-FRA
Cf-Bgj: imgq:85,h2pri

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 5 KB
4 KB 303ms
287ms XHR
application/json 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b51fb8f6cdad9b531fa133bd26014375561d38fb715e7a21f3bab00d8e226d5

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Jul 2021 04:19:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: http://www.goole.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XAa9HmX1A2ldEPoEDKOV4Av2U%2BDk6L3JdNyAqvZ3GEoTUCj%2FFNFB8rgccP6JTj8rS%2BXH%2BFjLnS%2B3MYktPtDbAKS9BKGvRgCx7ePwPwmMA%2FjNsTiUBrgMAum%2BeqqMEa1hIg%2FwaxeZHjQKDYWUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66f0313dd9f74a97-FRA

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
363 B 349ms
118ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.goole.com
date: Thu, 15 Jul 2021 04:19:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
185 B 176ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.4.0&cb=96700697598
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.goole.com
date: Thu, 15 Jul 2021 04:19:24 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 261 B
944 B 196ms
98ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

79b7ce3497106929e70c298eb60d2392b75ef40f61070786ad43ca1844b9a649

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:24 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: fe3d8d56-8e7f-4651-b255-dff0cc1ae3a9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.goole.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 261
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.goole.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.goole.com/ROS?rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%...
https://ads.us.e-planning.net/hb/1/2c995/1/www.goole.com/ROS?ct=1&r=pbjs&rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame....

79 B
398 B

52ms
52ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.goole.com/ROS?ct=1&r=pbjs&rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&pbv=5.4.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: f1993355f48ad17d8ab9c952def49e1ee2ed56e9a2e38a57634ec00c605e0c33

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:24 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.goole.com
expires: Thu, 15 Jul 2021 04:19:24 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 79
x-sid: AMS-747

Redirect headers

date: Thu, 15 Jul 2021 04:19:24 GMT
server: openresty
access-control-allow-origin: http://www.goole.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.goole.com/ROS?ct=1&r=pbjs&rnd=0.3680828735991095&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&pbv=5.4.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 161ms
54ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.goole.com
date: Thu, 15 Jul 2021 04:19:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 6076 1 KB
1 KB 160ms
159ms Document
text/html 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e324ec50dd0bdc10ab4b31e01360bc2bfa154f1479cef066510d5a673e345ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: assets.vlitag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.goole.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.goole.com/

Response headers

Date: Thu, 15 Jul 2021 04:19:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Expires: Thu, 15 Jul 2021 04:49:24 GMT
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fIolNet2jpE6x9b5eu2lBZ47MNm%2FZzJzqAVrTDYIH2x%2FaYdm75TXFXmX5x4UL7v4yNcsntjY%2BSbIiJdxaSjtiZ4FbXCRdWxtV8nH3MOFveuXuFhMhP3MIXFf5TTQ0tRiiaqgNDaeryNNBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66f031401bcc1f41-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 11ms
10ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2668637
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-2c34"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xCVpLUOFH5waXdmK592IQ6VQFuFjwRnZYUcf44vw85sC%2B9uE8Mu7efJPcllwojLPXYfQYo4biMjzmmbLVMCQ5nR5oBJhfz1SWwZ9L4R1FMozVRB2ioAY5v7Dv6T%2BxapIofdp6CLyywXqdw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=16070400
CF-RAY: 66f03140187e4e37-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 6076 12 KB
4 KB 26ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b49fd1cc000002c2ac589e000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N680t2iL%2Fe3uCXMyHH0kyUKwsYOgWN9ChDVsjrfUXu1xeDjVqiUXm97n4ADWzC0Zp%2Ff1C3y0P%2FV7O%2FBCd9980UeI%2Bg2hKjQaT8aiP%2BX3gtyas8pAS6TpsAlvQ5VcSWSc2RELFVmFfEU4fT3r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66f031413a322c2a-FRA
expires: Sat, 17 Jul 2021 04:19:24 GMT

GET
H/1.1 200
OK sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 6076 23 KB
12 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1837799
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-5aed"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P0QcwbQuSWmfHWeb8KLinGsx3maxJxldcTcYH5FIuMVHOPxW4KAyLwnY2xeH%2B6z3Gry27uC1gVjKbNefZZcGdh%2F29id0MuTjfXom138vZ9oq9Kszi5hAeaeUWkhmhW9WjKJYYAKjLh97jg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66f031415d3c1f41-FRA
Expires: Wed, 23 Jun 2021 22:19:26 GMT

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ 0
667 B 116ms
103ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNyPKtUUMY-TPrA-PAUw-MTYw-qBAUAqAaaUweRrNTTUAYRmNPZBYTRwNjxqfzxdrtbRhNAGTAMBPaAAAAAAAAAATRrtNRcsokty_orN
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aEF4lMY2PEtMV49RtuGHZCmCXLhxUTcaItBqoqr5eEPMWpXUpf%2FPWZO7Ib5fQguMFWmBVXtqF%2FwnG8qr4R%2B3iRiYdnAJa1bZhM%2FaX4Y6KgNMABMZ5zFFQCmI66zkf5QBs1EFGBU8PMGG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66f03141691805e4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E9C2 98 KB
39 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df96ba5a4c724f3659fb34110ab41799729ed8439017ffcc76dd9ee555f84c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39653
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 04:19:25 GMT

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame 6076 15 KB
8 KB 383ms
116ms Script
application/javascript 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&e=wqT_3QK1Hmw1DwAAAwDWAAUBCMzuvocGENDSkuKukNSYcBj_EQF4ASo2Cf66050nnsE_ERJl4KLJvLs_GQAAAOBRuPI_IRESACkRJAAxCRu4nj8wq-GBCjiDWUAdSAhQi-CohgFY9-KIAWAAaI6hrQF4x88FgAEBigEDVVNEkgEBBvQrBZgBygegAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoC2QFodHRwOi8vd3d3Lmdvb2xlLmNvbS9zYWZldmlldy1yZWRpcmVjdC90Y19mcmFtZS5odG1sP2R0PVBDRkVUME5VV1ZCRklHaDBiV3clMkImbj02MzlmNzE0NiZmdXJsPWFIUjBjSE02THk5a1pTNTBlVzUwTG1OdmJTOWtaV0l2UDIwOWVHTm9KbkowUFdoMGJXd21jMmxrUFRBd01UQmlNREF3TURKRGNGbG9SVUZCVmclM0QlM0QmdHVybD1hSFIwY0RvdkwzZDNkeTVuYjI5c1pTNWpiMjB28gKwAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SkQFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9tdF9haWQ9Mzg2OTI5MTY5ODQzMDQzMjMwMyZtdF9pZD02NjIyNDA1Jm10X2FkaWQ9MjE2NTM2Jm10X3NpZD00NTYyMzEyJm10X2V4aWQ9MTMmbXRfaW5hcHA9MCZtdF9vcz0mcmVkaXJlY3Q98gIZChRbQklEX0FUVFIuZ2Rwcl9mbGFnXRIBMfICHgoUW0FEX0FUVFIuYWR2ZXJ0aXNlcl0SBjIxNjUzNvICFwoTW0JJRF9BVFRSLmdkcHJfc3RyXRIA8gIdChJbQURfQVRUUi5jcmVhdGl2ZV0SBzY2MjI0MDXyAigKEVtCSURfQVRUUi5iaWRfaWRdEhMzODY5MjkxNjk4NDMwNDMyMzAz8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITMzg2OTI5MTY5ODQzMDQzMjMwM_IC3g4KEltOT1RJRklDQVRJT05fVVJJXRLHDjxpbWcgc3JjPWh0dHBzOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJqQTFUMXBuVURNMVQwNHdkMDB0YUZCb1RIZFlUVTB2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12YjNKa0x6QXZOVEF4THpJMkx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSTJNekl5TnpZMEx6RTJNall6TXpVek5qUXZNVE12TVRFek9UVXYvSkNZOXJjSVpBVGJLbWh3RjhtQVR6RE1DZnVNJm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTM4NjkyOTE2OTg0MzA0MzIzMDMmc2hhcmRrZXk9Mzg2OTI5MTZdlBgmc2lkPTQ1aa_wcWNpZD02NjIyNDA1JmJwPWFfYmRoZ2RqJm5meV9hY3Q9TEQ1d2V3JmJmaXA9MjE2LjIwMC4yMzIuMTQzJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDc2NyaXB0IHNyYz0naI2LTHMudXBkYXRlLm1lZGlhbWF0aHRhSfdQMi82MTk2MjEvYW5hbHl0aWNzLmpzoYoJF7AxNTU2MTQwMjQ2NzQwMDAwJnBkPWF2dCZkaT1odHRwJTNBLy93d3cuZ29vbGWF5ABzduUFHCUzRmR0JTNEUukFMDUyQiUyNm4lM0Q2Mzml7zQlMjZmdXJsJTNEYUhSMP7zBTrzBQwyNTNEDQUANqH5EWYURG92TDNkQvsFMCZ1aT03NzBiMWZkNy0hDToFABEBGCZhcD0mdGlS3QXIcHY9MGM5NmI2ZDMtNzA1NS00YzM5LWJkNjEtMDhhMTJhMjIzZTM5JnBwPTExMzk1JnNyod0YZGU9NDMwMEFOeD01NTE0MDMwJmRtPTk3MHg5MCZhYz02NTE4NzEmY3JVYARhaUFDwTQEYzFVgchyMT0yYTAxOjRmODoxOTI6NTQwMDo6JnIyPSZyMz0nIGFzeW5jPSd0cnVlJz5ceDNDL3NFTgA-AQwMZGl2IElyECcxJyBoSXQBC5BzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUMIaW1nES40bGVmdDotMTBweDt0b3ANCkwgcG9zaXRpb246YWJzb2x1dGUnIKG2ACdBbRhzOi8vcGl4OlQHEGV2ZW508VQkaWQ9MTM2ODg3NS45BxQ3NjQmdjEhSCh2Mj0zODY5MjkxNi6kAwR2MzFBBHY0NSwEdjU1TAxtdF9uJRosMSZub19hdHRyPTEnVgwBAC9W6AAAORHnAQmC5gAQdGFncy4upgMZ5QB0gQdYbW1JbXBUcmFjayZleGNoPWFwbiZiaWRS3AAEc3QV0iR0aW1lPVtJTVBfEggIAQ8wXSZub2RlaWQ9MjY5MHLTAGwvZGl2PoADAYgDAJADAJgDFKADAaoDqQYK4AVoFu0JQrYAFG5vdGlmeSWcFacEc18VCyRpZD01YVc5NXEy_lMH_lMHZlMHyG5wYVkyTjViRTAyTmkxelN6SldSek5PVVY4MWEwMHZNUzh4TXk4d0x6QXZPVFUyT0RBegEMPE1qRTJOVE0yTHpZMU1UZzMBKAUYDEM5TlLlQxxSQmQwMUVRWB4bCARNdwkQCGRNVhEgAEUBIABkOjAADGN2TUMJcAkIBE00XkMIDGIzSmsBdBhOVEF4THpJ_lMHZlMHaGhCTVdZcWExcTB3U0VJN2tPS0dmeXJZejlWNC5eAkQmZ3JvdXA9dXMtZWFzdCZhdWNh6V62AhxoYXJka2V5PU6vA1hwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Ji5GBwxmM1UmUkcHXo8HgWYIYXBp6WcMYnVybPFoDHMycxJOswpAGhM4MDg0MzMxMzI5MzQ2NjQOwgtQIgkyODE2ODYwMjcqBjEwMTkzNjoH7fKowAOsAsgDANgDtIk64AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMjajBagxNDo6MqgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ASLDsgN8F76BBIJAAAAoJmZSUARAAAAwMzMIkCIBQGYBQCgBcLN7LWqv-bEWqoFJDdjYTBiMGQ1LTZjNTItNDE2MC1iZTYwLTA0MGFmMmQ3N2YyM8AFAMkFAAAAAAAA8D_SBQkJAAUMPAAA2AUB4AUB8AX5yyH6BQQBmCiQBgCYBgC4BgHBBgkkLPA_0Ab5qwHaBhYKEAkSGQEBx0zgBgHyBgIIAIAHAYgHAKAHAaoHBsnICLoHDwFSDeosugZAAMgHx88F0gcNAdoFAQFBCNoHBgknKOAHAOoHAggA8AcA&s=df5ac809827098767dac21106e9f04ab0f320c65&pp=0.10834900000000001

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f30e6ef43618682eff961b26d463fe16a6f30145e70032fd4fd332e003b4d15a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: gzip
X-Creative-ID: 281686027
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0c179b9a-976f-40ec-a171-5bfca4415191
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 6a7d34f5-7f7f-494c-8a07-71af85fdab4b
quantumsyndication.com/pixel/ Frame 6076 43 B
588 B 133ms
111ms Image
image/gif 2606:4700:3033::ac43:8e10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quantumsyndication.com/pixel/6a7d34f5-7f7f-494c-8a07-71af85fdab4b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8e10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bb8UOzflfwPRs%2F8qbh13ODAoypkIdfUsOXaFGeHSPswRxNDbdIZgFA3pahuZ71vA9pYiCgZZCkmBs6gj8s255H7liECMfsNxrXWd1e9tppXJeDHRx7P4sNz45lja38INibrX8bya6U0ujRYiqxIXzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03141a98c176e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E9C2 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5306
date: Thu, 15 Jul 2021 02:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 15 Jul 2021 04:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame E9C2 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=117800076&t=pageview&_s=1&dl=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&ul=en-us&de=UTF-8&dt=quantumdex_goole.com_0.10834900000000001_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.10834900000000001&cs=goole.com&cm=quantumdex&cc=Default&_u=YEBAAUABAAAAAC~&jid=1738263861&gjid=886663336&cid=1008452097.1626322765&tid=UA-128776493-30&_gid=2129986317.1626322765&_r=1&gtm=2ou7e0&z=428756314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.goole.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK knsinarql37c Show response
hal9000.redintelligence.net/zone/ Frame 6076 10 KB
3 KB 108ms
79ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/knsinarql37c?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=3869291698430432303&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3869291698430432303%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 93218bfff0972fdb54651d6cd2fe596a9326486073e119241313ab3d811ce2f2

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2801
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 6076
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NjkyOTE2OTg0MzA0MzIzMDMvNjYyMjQwNS80NTYyMzEyLzEzL2dDQ3...
https://tags.mathtag.com/ck-confirm?bid_id=3869291698430432303&node_id=2690&exch_id=13

49 B
330 B

175ms
175ms

Image
image/gif

185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3869291698430432303&node_id=2690&exch_id=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:21 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 15 Jul 2021 04:19:20 GMT

Redirect headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
x-mm-bid-request-time: 1626322764
Last-Modified: Thu, 15 Jul 2021 04:19:24 GMT
Server: MMBD/3.202.0
x-mm-latency: 230 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=3869291698430432303&node_id=2690&exch_id=13
x-mm-dbg: Invalid
Cache-Control: no-cache
x-mm-host: zrh-router-x37, ord-bidder-x350
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 86
Expires: Thu, 15 Jul 2021 04:19:19 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 6076 43 B
506 B 182ms
67ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=3869291698430432303&v3=651871&v4=4562312&v5=6622405&mt_nsync=1&no_attr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 15 Jul 2021 04:18:47 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 6076 49 B
330 B 281ms
168ms Image
image/gif 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=3869291698430432303&st=4562312&time=[IMP_ATTR.time]&nodeid=2690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:20 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x42, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 15 Jul 2021 04:19:19 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame 6076 0
655 B 119ms
119ms Image
text/html 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&e=wqT_3QK3DGw3BgAAAwDWAAUBCMzuvocGENDSkuKukNSYcBj_EQHAASo2CSAy4iEjnsE_Ed_mjZPCvLs_GQAAAOBRuPI_IRJl4KLJvLs_Kf66050nnsE_MQkbuJ4_MKvhgQo4g1lAHUgIUIvgqIYBWPfiiAFgAGiOoa0BeMfPBYABAYoBA1VTRJIBAQb0qAWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKB4lbqAtkBaHR0cDovL3d3dy5nb29sZS5jb20vc2FmZXZpZXctcmVkaXJlY3QvdGNfZnJhbWUuaHRtbD9kdD1QQ0ZFVDBOVVdWQkZJR2gwYld3JTJCJm49NjM5ZjcxNDYmZnVybD1hSFIwY0hNNkx5OWtaUzUwZVc1MExtTnZiUzlrWldJdlAyMDllR05vSm5KMFBXaDBiV3dtYzJsa1BUQXdNVEJpTURBd01ESkRjRmxvUlVGQlZnJTNEJTNEJnR1cmw9YUhSMGNEb3ZMM2QzZHk1bmIyOXNaUzVqYjIwdoADAYgDAJADAJgDFKADAaoDqQYK4AVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucGFZMk41YkUwMk5pMXpTekpXUnpOT1VWODFhMDB2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12YjNKa0x6QXZOVEF4THpJMkx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSTJNekl5TnpZMEx6RTJNall6TXpVek5qUXZNVE12TVRFek9UVXYvaEJNV1lxYTFxMHdTRUk3a09LR2Z5cll6OVY0Jm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTM4NjkyOTE2OTg0MzA0MzIzMDMmc2hhcmRrZXk9Mzg2OTI5MTY5ODQzMDQzMjMwMyZwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTIxNi4yMDAuMjMyLjE0MyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNSZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhMzODY5MjkxNjk4NDMwNDMyMzAzGhM4MDg0MzMxMzI5MzQ2NjQ0MzA0IgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyMjQwNcADrALIAwDYA7SJOuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBIvgqIYB-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAXCzey1qr_mxFqqBSQ3Y2EwYjBkNS02YzUyLTQxNjAtYmU2MC0wNDBhZjJkNzdmMjPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AG-asB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAfHzwXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwA.&s=c447181ebec1a09ade019f0465e2f8d95f6e94ee

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:25 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: ba119d0d-653f-4e47-b6da-0bdac5447d1f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame 6076
Redirect Chain

http://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
http://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
910 B

158ms
132ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3869291698430432303%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.goole.com%2F&ancestorOrigins=http%3A%2F%2Fwww.goole.com&random=2473166452045&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e953fd0eae26bb204e480447ed1d404af7d1d16e36be921ae5e796acce4059c5

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 34195200011452500951443011656024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 327
Expires: Thu, 15 Jul 2021 05:19:25 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=0212ff1028&subid=&uid=33dd96a4174d57c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3869291698430432303%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.goole.com%2F&ancestorOrigins=http%3A%2F%2Fwww.goole.com&random=2473166452045&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 15 Jul 2021 05:19:25 +0200

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 00E0 4 KB
2 KB 106ms
79ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 21a20702291139df6b76478943fef0cfa8b4e7e7752f6827c76a3b3e89e3d046

Request headers

Host: hal900024.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://assets.vlitag.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 15 Jul 2021 05:19:25 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1501
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 6076 6 KB
3 KB 308ms
67ms Script
text/javascript 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.goole.com/safeview-redirect/tc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&pp=11395&sr=13&de=43003&si=5514030&dm=970x90&ac=651871&cr=6622405&ai=216536&c1=4562312&r1=2a01:4f8:192:5400::&r2=&r3=

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-25-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c3c1c81e7aef8296802799b586e287767b8ad576886b42e5ee91b40fef73653e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 3012
Expires: 0

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame 6076 0
655 B 129ms
128ms Script
text/html 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&e=wqT_3QKLGGwLDAAAAwDWAAUBCMzuvocGENDSkuKukNSYcBj_EQHAASo2CSAy4iEjnsE_Ed_mjZPCvLs_GQAAAOBRuPI_IRJl4KLJvLs_Kf66050nnsE_MQkbuJ4_MKvhgQo4g1lAHUgIUIvgqIYBWPfiiAFgAGiOoa0BeMfPBYABAYoBA1VTRJIBAQb0KwWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKB4lbqAtkBaHR0cDovL3d3dy5nb29sZS5jb20vc2FmZXZpZXctcmVkaXJlY3QvdGNfZnJhbWUuaHRtbD9kdD1QQ0ZFVDBOVVdWQkZJR2gwYld3JTJCJm49NjM5ZjcxNDYmZnVybD1hSFIwY0hNNkx5OWtaUzUwZVc1MExtTnZiUzlrWldJdlAyMDllR05vSm5KMFBXaDBiV3dtYzJsa1BUQXdNVEJpTURBd01ESkRjRmxvUlVGQlZnJTNEJTNEJnR1cmw9YUhSMGNEb3ZMM2QzZHk1bmIyOXNaUzVqYjIwdvICsAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEpEBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_bXRfYWlkPTM4NjkyOTE2OTg0MzA0MzIzMDMmbXRfaWQ9NjYyMjQwNSZtdF9hZGlkPTIxNjUzNiZtdF9zaWQ9NDU2MjMxMiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICGQoUW0JJRF9BVFRSLmdkcHJfZmxhZ10SATHyAh4KFFtBRF9BVFRSLmFkdmVydGlzZXJdEgYyMTY1MzbyAhcKE1tCSURfQVRUUi5nZHByX3N0cl0SAPICHQoSW0FEX0FUVFIuY3JlYXRpdmVdEgc2NjIyNDA18gIoChFbQklEX0FUVFIuYmlkX2lkXRITMzg2OTI5MTY5ODQzMDQzMjMwM_ICGgoTW0JJRF9BVFRSLmV4Y2hhbmdlXRIDYXBu8gImCg9bUkFORE9NX05VTUJFUl0SEzM4NjkyOTE2OTg0MzA0MzIzMDPyAt4OChJbTk9USUZJQ0FUSU9OX1VSSV0Sxw48aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbnBqZDFscVJtMWFSR04wVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpNNE5qa3lPVEUyT1RnME16QTBNekl6TURNdk5qWXlNalF3TlM4ME5UWXlNekV5THpFekwyZERRM0UxUlRCUE1HNTJTMWxrY20xMlFUUjZSakExVDFwblVETTFUMDR3ZDAwdGFGQm9USGRZVFUwdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpNNE5qa3lPVEUyT1RnME16QTBNekl6TURNdmIzSmtMekF2TlRBeEx6STJMems1T1M4ek1qSXZNbUV3TVRvMFpqZzZNVGt5T2pVME1EQTZPaTh3TGpBd01DOHhOakkyTXpJeU56WTBMekUyTWpZek16VXpOalF2TVRNdk1URXpPVFV2L0pDWTlyY0laQVRiS21od0Y4bUFUekRNQ2Z1TSZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD0zODY5MjkxNjk4NDMwNDMyMzAzJnNoYXJka2V5PTM4NjkyOTE2XZQYJnNpZD00NWmv8HFjaWQ9NjYyMjQwNSZicD1hX2JkaGdkaiZuZnlfYWN0PUxENXdldyZiZmlwPTIxNi4yMDAuMjMyLjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ3NjcmlwdCBzcmM9J2iNi0xzLnVwZGF0ZS5tZWRpYW1hdGh0YUn3UDIvNjE5NjIxL2FuYWx5dGljcy5qc6GKCRewMTU1NjE0MDI0Njc0MDAwMCZwZD1hdnQmZGk9aHR0cCUzQS8vd3d3Lmdvb2xlheQAc3blBRwlM0ZkdCUzRFLpBTA1MkIlMjZuJTNENjM5pe80JTI2ZnVybCUzRGFIUjD-8wU68wUMMjUzRA0FADah-RFmFERvdkwzZEL7BTAmdWk9NzcwYjFmZDctIQ06BQARARgmYXA9JnRpUt0FyHB2PTBjOTZiNmQzLTcwNTUtNGMzOS1iZDYxLTA4YTEyYTIyM2UzOSZwcD0xMTM5NSZzcqHdGGRlPTQzMDBBTng9NTUxNDAzMCZkbT05NzB4OTAmYWM9NjUxODcxJmNyVWAEYWlBQ8E0BGMxVYHIcjE9MmEwMTo0Zjg6MTkyOjU0MDA6OiZyMj0mcjM9JyBhc3luYz0ndHJ1ZSc-XHgzQy9zRU4APgEMDGRpdiBJchAnMScgaEl0AQuQc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJwVDCGltZxEuNGxlZnQ6LTEwcHg7dG9wDQpMIHBvc2l0aW9uOmFic29sdXRlJyChtgAnQW0YczovL3BpeDpUBxBldmVudPFUJGlkPTEzNjg4NzUuOQcUNzY0JnYxIUgodjI9Mzg2OTI5MTYupAMEdjMxQQR2NDUsBHY1NUwMbXRfbiUaLDEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAEHRhZ3MuLqYDGeUAdIEHWG1tSW1wVHJhY2smZXhjaD1hcG4mYmlkUtwABHN0FdIkdGltZT1bSU1QXxIICAEPMF0mbm9kZWlkPTI2OTBy0wDwQC9kaXY-gAMBiAMAkAMAmAMUoAMBqgMAwAOsAsgDANgDtIk64AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUOnkCqDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBIsOngrwXvoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAFws3staq_5sRaqgUkN2NhMGIwZDUtNmM1Mi00MTYwLWJlNjAtMDQwYWYyZDc3ZjIzwAUAyQUAAAAAAADwP9IFCQkABQw8AADYBQHgBQHwBfnLIfoFBAGYKJAGAJgGALgGAcEGCSQs8D_QBvmrAdoGFgoQCRIZAQHHTOAGAfIGAggAgAcBiAcAoAcBqgcGaZ4IugcPAVIN6iy6BkAAyAfHzwXSBw0B2gUBAUEI2gcGCSco4AcA6gcCCADwBwA.&s=855692583ca78978db44f899d5159c5c53abf1a3&bdref=http%3A%2F%2Fwww.goole.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fwww.goole.com%2F,http%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:25 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: d0af8aa4-4559-4da3-9022-ee07cf1ff9db
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 00E0 24 KB
24 KB 231ms
76ms Image
image/gif 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by: Host: hal900024.redintelligence.net
URL: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

Request headers

Referer: http://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:26 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:53 GMT
Server: nginx
ETag: "5b55f219-5fce"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24526

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 00E0 0
150 B 105ms
79ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900024.redintelligence.net/viewability?s=34195200011452500951443011656024&a=ee39e9aa&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 00E0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 00E0 851 B
1 KB 100ms
74ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900024.redintelligence.net
URL: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Protocol: HTTP/1.1
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: http://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:26 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/213/ Frame 6076 85 KB
29 KB 184ms
70ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/213/trk.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce09be97f6c202dfdd0c605727de8901500539c1c46ca7e30133a4d81e09660e

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 08:28:54 GMT
Server: AkamaiNetStorage
ETag: "0fd47563c55dc4530e6cc87332ea2610:1626078534.551938"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 15 Jul 2022 04:19:26 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 265ms
66ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?oz_pl=1&dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.goole.com/safeview-redirect/tc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&pp=11395&sr=13&de=43003&si=5514030&dm=970x90&ac=651871&cr=6622405&ai=216536&c1=4562312&r1=2a01:4f8:192:5400::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.14.0/ Frame 6076 139 KB
43 KB 68ms
67ms Script
text/javascript 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.14.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.goole.com/safeview-redirect/tc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&pp=11395&sr=13&de=43003&si=5514030&dm=970x90&ac=651871&cr=6622405&ai=216536&c1=4562312&r1=2a01:4f8:192:5400::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-25-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ccde68dd9648e2fa325026b3e4ded57d2dd60432a4f979cf9ec3f781c1cdc9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:25 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 43830
Expires: Sun, 23 Mar 2053 05:17:40 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 6076 0
678 B 116ms
115ms Ping
text/html 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&e=wqT_3QK3DGw3BgAAAwDWAAUBCMzuvocGENDSkuKukNSYcBj_EQHAASo2CSAy4iEjnsE_Ed_mjZPCvLs_GQAAAOBRuPI_IRJl4KLJvLs_Kf66050nnsE_MQkbuJ4_MKvhgQo4g1lAHUgIUIvgqIYBWPfiiAFgAGiOoa0BeMfPBYABAYoBA1VTRJIBAQb0qAWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKB4lbqAtkBaHR0cDovL3d3dy5nb29sZS5jb20vc2FmZXZpZXctcmVkaXJlY3QvdGNfZnJhbWUuaHRtbD9kdD1QQ0ZFVDBOVVdWQkZJR2gwYld3JTJCJm49NjM5ZjcxNDYmZnVybD1hSFIwY0hNNkx5OWtaUzUwZVc1MExtTnZiUzlrWldJdlAyMDllR05vSm5KMFBXaDBiV3dtYzJsa1BUQXdNVEJpTURBd01ESkRjRmxvUlVGQlZnJTNEJTNEJnR1cmw9YUhSMGNEb3ZMM2QzZHk1bmIyOXNaUzVqYjIwdoADAYgDAJADAJgDFKADAaoDqQYK4AVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucGFZMk41YkUwMk5pMXpTekpXUnpOT1VWODFhMDB2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12YjNKa0x6QXZOVEF4THpJMkx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSTJNekl5TnpZMEx6RTJNall6TXpVek5qUXZNVE12TVRFek9UVXYvaEJNV1lxYTFxMHdTRUk3a09LR2Z5cll6OVY0Jm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTM4NjkyOTE2OTg0MzA0MzIzMDMmc2hhcmRrZXk9Mzg2OTI5MTY5ODQzMDQzMjMwMyZwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTIxNi4yMDAuMjMyLjE0MyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNSZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhMzODY5MjkxNjk4NDMwNDMyMzAzGhM4MDg0MzMxMzI5MzQ2NjQ0MzA0IgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyMjQwNcADrALIAwDYA7SJOuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBIvgqIYB-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAXCzey1qr_mxFqqBSQ3Y2EwYjBkNS02YzUyLTQxNjAtYmU2MC0wNDBhZjJkNzdmMjPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AG-asB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAfHzwXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwA.&s=c447181ebec1a09ade019f0465e2f8d95f6e94ee&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=970&bh=90&sid=4500328741866182630&vd=ct~0|rr~0&sv=213&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&sw=1600&sh=1200&pw=970&ph=90&ww=970&wh=90&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/213/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:26 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 0840407e-62c8-46c9-95be-76457bbad076
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 151ms
66ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?oz_pl=1&dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.goole.com/safeview-redirect/tc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&pp=11395&sr=13&de=43003&si=5514030&dm=970x90&ac=651871&cr=6622405&ai=216536&c1=4562312&r1=2a01:4f8:192:5400::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 185ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322766324&oz_l=34&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 42ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Jul 2021 04:19:26 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 68ms
68ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322766525&oz_l=10593&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CABF 291 B
590 B 45ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.goole.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.goole.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.goole.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.goole.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 403
date: Thu, 15 Jul 2021 04:19:26 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 47ms
23ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://www.goole.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Jul 2021 04:19:26 GMT

GET
DATA 200
OK truncated Show response
/ Frame 9E87 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Content-Type: text/html;charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 65ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322766681&oz_l=266&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 66ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322766845&oz_l=1149&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 65ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322767028&oz_l=1237&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 00E0 0
150 B 105ms
79ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900024.redintelligence.net/viewability?s=34195200011452500951443011656024&a=ee39e9aa&vb=v
Requested by: Host: hal900024.redintelligence.net
URL: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900024.redintelligence.net/request_content.php?s=34195200011452500951443011656024&a=9f00d1ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 04:19:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 65ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322767177&oz_l=773&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 6076 0
678 B 117ms
117ms Ping
text/html 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&e=wqT_3QK3DGw3BgAAAwDWAAUBCMzuvocGENDSkuKukNSYcBj_EQHAASo2CSAy4iEjnsE_Ed_mjZPCvLs_GQAAAOBRuPI_IRJl4KLJvLs_Kf66050nnsE_MQkbuJ4_MKvhgQo4g1lAHUgIUIvgqIYBWPfiiAFgAGiOoa0BeMfPBYABAYoBA1VTRJIBAQb0qAWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKB4lbqAtkBaHR0cDovL3d3dy5nb29sZS5jb20vc2FmZXZpZXctcmVkaXJlY3QvdGNfZnJhbWUuaHRtbD9kdD1QQ0ZFVDBOVVdWQkZJR2gwYld3JTJCJm49NjM5ZjcxNDYmZnVybD1hSFIwY0hNNkx5OWtaUzUwZVc1MExtTnZiUzlrWldJdlAyMDllR05vSm5KMFBXaDBiV3dtYzJsa1BUQXdNVEJpTURBd01ESkRjRmxvUlVGQlZnJTNEJTNEJnR1cmw9YUhSMGNEb3ZMM2QzZHk1bmIyOXNaUzVqYjIwdoADAYgDAJADAJgDFKADAaoDqQYK4AVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucGFZMk41YkUwMk5pMXpTekpXUnpOT1VWODFhMDB2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMek00TmpreU9URTJPVGcwTXpBME16SXpNRE12YjNKa0x6QXZOVEF4THpJMkx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSTJNekl5TnpZMEx6RTJNall6TXpVek5qUXZNVE12TVRFek9UVXYvaEJNV1lxYTFxMHdTRUk3a09LR2Z5cll6OVY0Jm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTM4NjkyOTE2OTg0MzA0MzIzMDMmc2hhcmRrZXk9Mzg2OTI5MTY5ODQzMDQzMjMwMyZwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTIxNi4yMDAuMjMyLjE0MyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNSZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhMzODY5MjkxNjk4NDMwNDMyMzAzGhM4MDg0MzMxMzI5MzQ2NjQ0MzA0IgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyMjQwNcADrALIAwDYA7SJOuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBIvgqIYB-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAXCzey1qr_mxFqqBSQ3Y2EwYjBkNS02YzUyLTQxNjAtYmU2MC0wNDBhZjJkNzdmMjPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AG-asB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAfHzwXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwA.&s=c447181ebec1a09ade019f0465e2f8d95f6e94ee&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=970&bh=90&sf=1&sid=4500328741866182630&vd=ct~0|rr~5&sv=213&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/213/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:27 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: eb63fabb-5140-4b87-9747-3fe941086808
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame E68C 3 KB
1 KB 140ms
133ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2478831ef2f50c4af4611462169e591a4b0b36b8dd6c71f4d047a3d6db9f94c

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.goole.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.goole.com/

Response headers

date: Thu, 15 Jul 2021 04:19:27 GMT
content-type: text/html
set-cookie: uid=19c3bf7f-74ee-4853-817b-264ca797df9c; expires=Wed, 04 Aug 2021 04:19:27 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Daq2tBt9%2Bk8ryEwaB4vylmaTDK2PZRcnlrJc4O26eeM62diXk%2BGwEQ5DTKAuztvp8RpAFkJW8NrpK9yU5eRpk6nlFXKx7Ll923ydX2h2W1AUnCoYA2k5wsFk3ZgPU8QX4V5Fs8sbydr3mLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66f03152e9324a97-FRA
content-encoding: br

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8885428170809495762

43 B
319 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8885428170809495762
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h1s9FHGJNiNvD%2Bpjh2JUhsEMtZz4bNHRDUcKXWyLpytLklXx5PjLya5KLzt41ObRk%2F%2FXFHR9i4U%2BaYFm%2BuDmjfIc3a6QtUlxunedvfUtM1fIt2Ix0X2qcC4ptAWMspVnXD2T4B4AIe2fmDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03154fc614a97-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: db983c88-26b2-4974-8588-c1df038f90f0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8885428170809495762
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d01cf081962f27dddd1e9a4

43 B
318 B

124ms
124ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d01cf081962f27dddd1e9a4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BlI5TgtJm7PVpyO4OCNgG46Psr7BmE4swaIhqqrXQavR3zK79dL07AiFhxZyvVqDrGm6tEPmTrcr2LSVcUQW3TBJm%2B8tPi5QTc44v%2FyBof3WZMACmyQ2aG2hzn6YpMf%2BTcrA19dPqrv8zfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f031551c884a97-FRA
content-length: 43

Redirect headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d01cf081962f27dddd1e9a4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A

43 B
321 B

140ms
140ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k%2Feb99dmSY3VIN3yjrrzeKgk9%2Btbbw1%2BDzLWshmGDj86MLNXhgakiRZ6amw5wAO%2FzAYgyHrREEioy7bi9YmjdLMmqVCESEwx9pSIO0JA7L6K6ZPBmsCAK94cEZq7VgrEM%2FxdMI5EvMuAsn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f031551c864a97-FRA
content-length: 43

Redirect headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-912287a1-82d1-44b9-9bdf-7a9ad914e81b

43 B
321 B

125ms
124ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-912287a1-82d1-44b9-9bdf-7a9ad914e81b
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NCAk2l9RN7Q9R8qgQVC18DDCcqOgGgJGE5I0yfz8%2FsF7M3uyO8j7%2BTcmO1VB8Z%2Fs7x8WbPMIdYbjYVAPmwQUjh5P49%2BcFTkzMwZ54fFDt1QrFMfKQikXr0kq7S%2Bv25reVD6MTHudKqQtBeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f031565e7d4a97-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-912287a1-82d1-44b9-9bdf-7a9ad914e81b
date: Thu, 15 Jul 2021 04:19:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5b8e9332-f538-423b-88a3-defc32a3d095

43 B
316 B

126ms
125ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5b8e9332-f538-423b-88a3-defc32a3d095
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=71hMmskhHaQeSuq8YoyClQdCa%2FeyBz4n0P65nlSk7k1nZFbhYDISIhC6b3HkOE9cFT4mpvg8XgqQ2SIHFSZNVBv0wuUl5iEQ3aAyYE49BTu4Lk9BXFpcXJdZTVdh54ftYnG5mu2w%2Fnmsnyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03154dc304a97-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5b8e9332-f538-423b-88a3-defc32a3d095
date: Thu, 15 Jul 2021 04:19:28 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8885428170809495762

43 B
318 B

241ms
240ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8885428170809495762
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=65W43TXnAFHjTjBWrn53hQOfflx%2BmZKeRpdsRRKepq8qI7q3W7iC%2FiUwhi8WEenXmYI3LccWlFzzk5W5kjjMsFnE7H1n7dD0OXk%2BDR6pFWYnZH2WVNB8FMQCPvh84QvASeGGnlMQ3qMD1go%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03154fc5e4a97-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 338ea54b-3ff3-4395-96c6-7d48c0bbaac5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8885428170809495762
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd854470a-e523-11eb-ab40-02c8ceb1391e
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd854470a-e523-11eb-ab40-02c8ceb1391e

43 B
318 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd854470a-e523-11eb-ab40-02c8ceb1391e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5cA5g6y7jxUcbzu6RbB0Lua%2BdYuMsoQupp6ivQPuKv01UGYnxqAkXlYkPpngcUlaG05UwpaktpWPzbwkmMBmXGSCEL%2F%2BzI8m4Y1%2FCxXTBSKwIlVv59b2SIq1rFQq0gv782XgVv0vfCQoweg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03155cd914a97-FRA
content-length: 43

Redirect headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd854470a-e523-11eb-ab40-02c8ceb1391e
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8885428170809495762

43 B
316 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8885428170809495762
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EDOBySkF9V5JMyjrcX84cB6Bq74w9HwlpG8UNkDL51L%2FLDGTA8AQj2rwdlVTQi1zZuR61OL4jEg3wNZkTPNJ5K03hdlPX5C3qDrYUTC9vhUIgTVg2hQGIh9oWpKxA5ECJURpVqJcwr2cfKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03154fc5f4a97-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
X-Proxy-Origin: 185.236.42.19; 185.236.42.19; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 59e51035-0cd6-440f-9a44-6af5d1415919
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8885428170809495762
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame E68C
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=77ec37b6-2723-4c64-9615-22158e0cc70e

43 B
325 B

125ms
124ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=77ec37b6-2723-4c64-9615-22158e0cc70e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EYQzR79sGssxNjE4YRPerBY1bKSUaaReSkEtDm9CWSg1d07TeMwX2CQSj27kLj3gCrXaivtAfJvoggi8wUruQaJmhsqYSRF5agQbbTQ72spi0%2FKA%2F7xwlVmSdy4ikzKYkHMbnJU3O87TneQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f031547bc94a97-FRA
content-length: 43

Redirect headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I6ujI4Eng7y7mOpgM9KvtTxNQUMXCE5YJBZizw3amPleGodwG7%2Fu6UVQ7k8GpjjYHDh7LYugUC%2F0zWZ3Kmtla4yl6DWwqAXxwJNA1VFCKB0tUGJGPZeoHNHC5%2FZIGPesOPN7QG4fk87d"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=77ec37b6-2723-4c64-9615-22158e0cc70e
cf-ray: 66f03153dab94a97-FRA
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame E68C 0
478 B 280ms
109ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8147 3 KB
1 KB 160ms
51ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

499279be66fa7d967e964c3adcf1d32e495e9955c3c2a9317b683fd79b65aff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4; path=/; expires=Sat, 15 Jul 2023 04:19:28; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1161
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame ADC1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

88ms
88ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2b470d0e044e1fe31117af3d304f11621aa4cb43c065b0959ff0a36476a7ecf8

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YO.3UNWDf2o0uLEw3R28rwAA; CMPS=222
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|195|191|13|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1931
Expires: Thu, 15 Jul 2021 04:19:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YO.3UNWDf2o0uLEw3R28rwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Jul 2022 04:19:28 GMT CMPS=222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 13 Oct 2021 04:19:28 GMT CMPRO=226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 13 Oct 2021 04:19:28 GMT CMRUM3=0d60efb75005a0&2760efb7500b40&e660efb7502760&bf60efb75005a0&2d60efb75005a0&6f60efb75005a0&f160efb75005a0&c360efb75005a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Jul 2022 04:19:28 GMT CMST=YO+3UGDvt1AA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 04:19:28 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 15 Jul 2021 04:19:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YO.3UNWDf2o0uLEw3R28rwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Jul 2022 04:19:28 GMT CMPS=222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 13 Oct 2021 04:19:28 GMT

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame 0DE7 2 KB
2 KB 402ms
130ms Document
text/html 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Thu, 15 Jul 2021 04:19:27 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 86F3 14 KB
5 KB 170ms
58ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=71838
expires: Fri, 16 Jul 2021 00:16:46 GMT
date: Thu, 15 Jul 2021 04:19:28 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 3B87 43 B
551 B 220ms
53ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YO+3U; path=/; domain=.go.sonobi.com

GET
H2

200

78a760ef-b74f-4500-9a67-bd2a8272471e
onetag-sys.com/sync/i,1/ Frame 8147
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/78a760ef-b74f-4500-9a67-bd2a8272471e

0
290 B

50ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/78a760ef-b74f-4500-9a67-bd2a8272471e

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/78a760ef-b74f-4500-9a67-bd2a8272471e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 15 Jul 2021 04:19:27 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8147 0
239 B 218ms
51ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2

200

7560294894533642582
onetag-sys.com/sync/i,34/ Frame 8147
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4
https://onetag-sys.com/sync/i,34/7560294894533642582

0
290 B

51ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/7560294894533642582

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/7560294894533642582
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 8147
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc=
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEM81xlW8tAnBAqkqCTV9qCE&google_cver=1

0
287 B

57ms
57ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEM81xlW8tAnBAqkqCTV9qCE&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEM81xlW8tAnBAqkqCTV9qCE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 8147 0
239 B 210ms
52ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2 204 sync
pixel.advertising.com/ups/58198/ Frame 8147 0
124 B 57ms
53ms Image
text/plain 52.59.28.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.28.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-28-101.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 8147
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://onetag-sys.com/match/?int_id=92&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A

0
291 B

51ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://onetag-sys.com/match/?int_id=92&uid=y-RXzR0M5E2uGuru2TQ9rD2xpNOBC3GXe81qHDsS8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 8147
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=248ceec6-e6c4-4879-9aea-c85b2bf0ed31&ttl=1628914768

43 B
379 B

52ms
51ms

Image
image/gif

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=248ceec6-e6c4-4879-9aea-c85b2bf0ed31&ttl=1628914768

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=248ceec6-e6c4-4879-9aea-c85b2bf0ed31&ttl=1628914768
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame 8147
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=70&user_id=7560294894533642582&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=472310f4-e831-408f-a52d-0d66ae2b3d1f&gdpr=&gdpr_consent=&us_privacy=

0
291 B

52ms
51ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=472310f4-e831-408f-a52d-0d66ae2b3d1f&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=472310f4-e831-408f-a52d-0d66ae2b3d1f&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 15 Jul 2021 04:19:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 8147 43 B
464 B 248ms
245ms Image
image/gif 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=onetag&uid=2yoyGhs9zPEC4FES-ml1bJyIRJORFkU9aKvTKlb0aZ4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y7NzqKgmnTFpx3prz1cP8uQPZWj22ZHfUAv4v49J2AwndK%2F%2BmmteJrm9TbFh7A6vg4qZ%2FNIOAad%2BTxP%2FuO%2FbOOjKSUEj%2F%2FxZ%2FrLoIczeyLSWszb5lk28uMnZMOIQPRI1ZPKldqKC57ug3Po%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f03154dc2f4a97-FRA
content-length: 43

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 86F3 0
42 B 178ms
59ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83270204&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame ADC1 70 B
264 B 112ms
75ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YO.3UNWDf2o0uLEw3R28rwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ADC1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YO.3UNWDf2o0uLEw3R28rwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEsp6abp20b30bqu-j6Ndqk&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

100ms
98ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEsp6abp20b30bqu-j6Ndqk&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 15 Jul 2021 04:19:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEsp6abp20b30bqu-j6Ndqk&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame ADC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEdRmKsUZQXz3x8R9ZFFX4k&google_cver=1

43 B
315 B

66ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEdRmKsUZQXz3x8R9ZFFX4k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 15 Jul 2021 04:19:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEdRmKsUZQXz3x8R9ZFFX4k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame ADC1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&dcc=t

43 B
645 B

125ms
125ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N050VV7WK6GQJJ4X7ARB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BJ1FCKNHRY5YVEFJDBT1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ADC1
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9084bb74-9a0d-4466-8cae-ba288787ffb2

43 B
1009 B

116ms
64ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9084bb74-9a0d-4466-8cae-ba288787ffb2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 15 Jul 2021 04:19:28 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9084bb74-9a0d-4466-8cae-ba288787ffb2
date: Thu, 15 Jul 2021 04:19:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame ADC1 43 B
253 B 207ms
148ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.21.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
via: 1.1 google
last-modified: Thu, 15 Jul 2021 04:19:28 GMT
server: nginx/1.21.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Thu, 15 Jul 2021 04:19:29 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ADC1
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0678220400cea9b4b11ac9cb&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

74ms
71ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0678220400cea9b4b11ac9cb&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 04:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 15 Jul 2021 04:19:28 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0678220400cea9b4b11ac9cb&expiration=[EXPIRATION]&gdpr=1
Date: Thu, 15 Jul 2021 04:19:28 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame ADC1 0
330 B 40ms
37ms Image
text/plain 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 04:19:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
sync.quantumdex.io/ Frame ADC1 43 B
338 B 245ms
243ms Image
image/gif 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YO-3UNWDf2o0uLEw3R28rwAAAOIAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 04:19:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=36hFNIx8cc4iTRcQ5eVm9DYI5O%2FJ5Lg68MNnszz4aOBFEPVop9nCv%2FavpS7E74AC%2FgKAehM0TgCl8T8PZa6uAiT7tt5TDu0RgnvEKm8G5wiXRxsqaP2F4LwLDC8n4Jp2AsdqLuwKMxeekeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66f031559d584a97-FRA
content-length: 43

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 66ms
66ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322771579&oz_l=481&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/ Frame 6076 0
145 B 66ms
65ms XHR
text/plain 52.48.25.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.14.0/619621/AKd2boIBEPx5XkCb/postback?dt=6196211556140246740000&dm=970x90&r3=&pp=11395&ai=216536&r1=2a01%3A4f8%3A192%3A5400%3A%3A&pd=avt&ui=770b1fd7-0000-0000-0000-000000000000&ap=&ti=3869291698430432303&pv=0c96b6d3-7055-4c39-bd61-08a12a223e39&sr=13&de=43003&cr=6622405&r2=&ci=619621&di=http%3A%2F%2Fwww.goole.com%2Fsafeview-redirect%2Ftc_frame.html%3Fdt%3DPCFET0NUWVBFIGh0bWw%252B%26n%3D639f7146%26furl%3DaHR0cHM6Ly9kZS50eW50LmNvbS9kZWIvP209eGNoJnJ0PWh0bWwmc2lkPTAwMTBiMDAwMDJDcFloRUFBVg%253D%253D%26turl%3DaHR0cDovL3d3dy5nb29sZS5jb20v&si=5514030&ac=651871&c1=4562312&sid=AKd2boIBEPx5XkCb&oz_sc=0903d9894e9f94de8b459205&oz_df=1626322773233&oz_l=324&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.14.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.25.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-25-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jul 2021 04:19:32 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.goole.com/	1970-01-19 19:45:22	Name: sf_ck_tst Value: test
			www.goole.com/	1970-01-19 19:45:29	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1626329961322}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://tag.vlitag.com/v1/1626280627/60c3873e17b9adefa23c9485ef8a2190.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ads.us.e-planning.net
ajax.cloudflare.com
ap.lijit.com
assets.vlitag.com
bidder.criteo.com
c1.adform.net
cdn.adnxs-simple.com
cdn.contentspread.net
cdn.jsdelivr.net
cm.g.doubleclick.net
dmp.adform.net
dmp.brand-display.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
ib.adnxs-simple.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.sharethrough.com
ms.quantumdex.io
nep.advangelists.com
nym1-ib.adnxs-simple.com
onetag-sys.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
quantumsyndication.com
s.amazon-adsystem.com
s.update.mediamathtag.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.vlitag.com
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
tag.vlitag.com
tags.mathtag.com
ups.analytics.yahoo.com
useast.quantumdex.io
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.goole.com
x.bidswitch.net
13.248.242.197
136.144.59.88
138.201.63.145
138.201.84.252
142.250.185.194
142.250.74.194
145.239.2.103
178.162.133.149
178.250.0.165
18.158.174.89
185.183.112.148
185.184.8.65
185.29.132.68
185.29.133.52
185.33.221.52
185.64.190.78
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
209.54.176.128
216.52.2.19
217.160.0.201
2606:4700:20::681a:24e
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:3033::ac43:8e10
2606:4700::6810:a723
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a02:2638:1::3
2a02:2638::1c
2a04:4e42:3::485
3.126.56.137
35.156.245.144
35.241.40.233
37.157.2.239
46.249.52.248
51.89.9.251
52.48.25.212
52.59.28.101
54.82.140.85
67.202.110.23
68.67.160.26
69.173.144.139
69.173.144.165
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0e0afd44814a75a95764d65cd9911b0430ac0c866ff3c552ffe1c6021719e94d
11458d444f8ea97a460c4a35a676aa0a05e02bb6285af24cdf0b0b0f74157e59
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
13f9232b6f933b62da8d95d967cb91859f154fd767332eb22bc0047dfa753f35
17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a35de37bfd7fd9fccce8f7aaf52966e0d377190ed3a3a75e4e76a9f68dccb1f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d3091b35fdfe0a78f4c501cd46aa1044daca73d20a4d740d97694b070d0ff41
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
21a20702291139df6b76478943fef0cfa8b4e7e7752f6827c76a3b3e89e3d046
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2b470d0e044e1fe31117af3d304f11621aa4cb43c065b0959ff0a36476a7ecf8
3afef3430b5238f8f850e44b964f4f8145d17a435fc489493d38337eb7d1ca7d
40911888c1e37a6276ede7a9c27b13320d823630c5e1dc0e981518de3a77f4fc
499279be66fa7d967e964c3adcf1d32e495e9955c3c2a9317b683fd79b65aff9
4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d
4b51fb8f6cdad9b531fa133bd26014375561d38fb715e7a21f3bab00d8e226d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
62a62e2e05cc6ef890020f2ecc567885895c176880af9dedd3b50ec1c22d6805
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79b7ce3497106929e70c298eb60d2392b75ef40f61070786ad43ca1844b9a649
7e324ec50dd0bdc10ab4b31e01360bc2bfa154f1479cef066510d5a673e345ca
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
87dc5f178d4f356e453783b1e1e0809c8f7d9c95dc78467ecb1ef8e08ce7bcff
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93218bfff0972fdb54651d6cd2fe596a9326486073e119241313ab3d811ce2f2
98d3a7a1592bf3df2536c588b71074ecd38c1ae4271e8ab279e0c0ea940e8316
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3c1c81e7aef8296802799b586e287767b8ad576886b42e5ee91b40fef73653e
cca4f37b4a4385ecdf4190c9f2be8e2ded15b5ed018bc04d4f63dd42c2eaf2fc
ccde68dd9648e2fa325026b3e4ded57d2dd60432a4f979cf9ec3f781c1cdc9b2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce09be97f6c202dfdd0c605727de8901500539c1c46ca7e30133a4d81e09660e
d9ecacf0e4adcba3a7b7dfa57becbc921434053158e57401578818ab40bab332
df96ba5a4c724f3659fb34110ab41799729ed8439017ffcc76dd9ee555f84c14
e2478831ef2f50c4af4611462169e591a4b0b36b8dd6c71f4d047a3d6db9f94c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8753bff0f25027b918bb6c8276b9b2989e843bd23d4b5cceefaea623b2f5c8b
e8dd6f380841eaa3ba6b546a9c7e9b2f480256b39cfbd10f198831cf4dcdb0ae
e953fd0eae26bb204e480447ed1d404af7d1d16e36be921ae5e796acce4059c5
f1993355f48ad17d8ab9c952def49e1ee2ed56e9a2e38a57634ec00c605e0c33
f30e6ef43618682eff961b26d463fe16a6f30145e70032fd4fd332e003b4d15a
f71624dd073fb29e6776d6b582a818077986356c668992161578205214936119
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

www.goole.com Open in urlscan Pro 217.160.0.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

71 %HTTPS

29 %IPv6

40 Domains

57 Subdomains

45 IPs

7 Countries

1221 kBTransfer

3001 kBSize

2 Cookies

1 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.goole.com Open in urlscan Pro
217.160.0.201 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

71 %
HTTPS

29 %
IPv6

40
Domains

57
Subdomains

45
IPs

7
Countries

1221 kB
Transfer

3001 kB
Size

2
Cookies

109 HTTP transactions
2 data transactions